From nobody Mon May 6 18:25:51 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+82802+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+82802+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1635419386; cv=none; d=zohomail.com; s=zohoarc; b=TDTN/aNbBEbw/akwAiwpAMB0zMV8qgIdFDVB7gIea9rbfUzHcgU2B4WXFZK8aqcu9ghTVCFi4iUbzdOaHkFOmy59mt9yQkS5moMNr0NeJGHLBxOWDjT2j1krgifr7bKwmRqUfaeTlOluA22BQD1IMK/h9gT+w4YXc6tSg5Of4cw= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1635419386; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=eMgHN6J2o99LTQYiMrjgxVow7vPVs/qW5HYibJ6aleg=; b=J1DUrt/9Ptat59a7RqdaVYe9XEwfV36wnsOPKcxSoR9jHRaaKX6v8EnXFN+W1e44PkIaAYWtq6jwiASKZQS13jb1pLGJcA0bEoqQpKDXBj1SWwJ9ZcLLfl7AFaiEP5maXoMn4CanZdgUdelrkHmFKsI6dFGtvh0gQy/xNS6/Kzc= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+82802+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 163541938618474.98970655525636; Thu, 28 Oct 2021 04:09:46 -0700 (PDT) Return-Path: X-Received: by 127.0.0.2 with SMTP id DvvtYY1788612xIvl391jTmi; Thu, 28 Oct 2021 04:09:45 -0700 X-Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [216.205.24.124]) by mx.groups.io with SMTP id smtpd.web08.11421.1635419385056205411 for ; Thu, 28 Oct 2021 04:09:45 -0700 X-Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-439-WjA6uEbFNH2Zm7_CV_poGw-1; Thu, 28 Oct 2021 07:09:41 -0400 X-MC-Unique: WjA6uEbFNH2Zm7_CV_poGw-1 X-Received: from smtp.corp.redhat.com (int-mx04.intmail.prod.int.phx2.redhat.com [10.5.11.14]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id 44F11802B78; Thu, 28 Oct 2021 11:09:39 +0000 (UTC) X-Received: from sirius.home.kraxel.org (ovpn-112-241.phx2.redhat.com [10.3.112.241]) by smtp.corp.redhat.com (Postfix) with ESMTPS id F16A4ADCB; Thu, 28 Oct 2021 11:09:22 +0000 (UTC) X-Received: by sirius.home.kraxel.org (Postfix, from userid 1000) id 142E9180060E; Thu, 28 Oct 2021 13:09:21 +0200 (CEST) From: "Gerd Hoffmann" To: devel@edk2.groups.io Cc: Jiewen Yao , Jordan Justen , =?UTF-8?q?Marc-Andr=C3=A9=20Lureau?= , Min Xu , Tom Lendacky , Stefan Berger , Gerd Hoffmann , Ard Biesheuvel , Erdem Aktas , Brijesh Singh , James Bottomley Subject: [edk2-devel] [PATCH v3 1/5] OvmfPkg: remove unused TPM options from MicrovmX64.dsc Date: Thu, 28 Oct 2021 13:09:17 +0200 Message-Id: <20211028110921.819113-2-kraxel@redhat.com> In-Reply-To: <20211028110921.819113-1-kraxel@redhat.com> References: <20211028110921.819113-1-kraxel@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.79 on 10.5.11.14 X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Precedence: Bulk List-Unsubscribe: List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,kraxel@redhat.com X-Gm-Message-State: 5ia9rPtIjb5TQyyg1nVLwdoVx1787277AA= Content-Transfer-Encoding: quoted-printable DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1635419385; bh=tpFkuOZIssiiWmMc4zpcerr20EPlu38KVQ81pnhkiPI=; h=Cc:Content-Type:Date:From:Reply-To:Subject:To; b=La5BLELfZJL53zesyeq7KVmBjamCcuPzWzItLdwIrT4pfcIFSXWAUtQOkWFjgW1zSI8 2YnrCpcwPkaY3N2Hi+QuFEUUYBKeqT0GB6kUjtCcEmw2gBPtbJhmfUloOuo6sx0dwgCwb /v1/0Ctlk5gU0Z9RaXkejbsYzIKeE/AlRzc= X-ZohoMail-DKIM: pass (identity @groups.io) X-ZM-MESSAGEID: 1635419387828100001 Content-Type: text/plain; charset="utf-8" Signed-off-by: Gerd Hoffmann Reviewed-by: Philippe Mathieu-Daude Reviewed-by: Stefan Berger --- OvmfPkg/Microvm/MicrovmX64.dsc | 2 -- 1 file changed, 2 deletions(-) diff --git a/OvmfPkg/Microvm/MicrovmX64.dsc b/OvmfPkg/Microvm/MicrovmX64.dsc index 617f92539518..c58c4c35d4cb 100644 --- a/OvmfPkg/Microvm/MicrovmX64.dsc +++ b/OvmfPkg/Microvm/MicrovmX64.dsc @@ -32,8 +32,6 @@ [Defines] DEFINE SECURE_BOOT_ENABLE =3D FALSE DEFINE SMM_REQUIRE =3D FALSE DEFINE SOURCE_DEBUG_ENABLE =3D FALSE - DEFINE TPM_ENABLE =3D FALSE - DEFINE TPM_CONFIG_ENABLE =3D FALSE =20 # # Network definition --=20 2.31.1 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#82802): https://edk2.groups.io/g/devel/message/82802 Mute This Topic: https://groups.io/mt/86649605/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- From nobody Mon May 6 18:25:51 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+82804+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+82804+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1635419394; cv=none; d=zohomail.com; s=zohoarc; b=e4YuZ78CTblIJ8XiGHYoFcI//wTwbb0KoAmbaoCV7al8WlIZFUqDxmrceGEK21HIRrYKrCP4ihb6434FHKJ/CgBtpToNLx/tewz4Rix4ImNOEBw2rJ+JY1efXO4ax0CbTQbC0//31vcFI1IjdW0cmvlASmrmJdv2USW4PjtcJCU= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1635419394; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=3o2EB2tj+npycytc4uxYHsN+pznZxUNKZvxD8P5NzDs=; b=bTf3hB8BGCzcPpwuAenez6qg5aRkyhMhi2Dw8sefrEomlQXnC9cvPy18WSuAqez6pJfLaNgKWaQ3vilaNuTD9PA0u7bWzZSULHoDykYAIJPg5UDvSgrBWGvsN/Odk7rpEkQGZvazsgvncqIAf0qfxLhFQxR0Qj0hNith4fI4mUQ= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+82804+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 1635419394704852.0911658658961; Thu, 28 Oct 2021 04:09:54 -0700 (PDT) Return-Path: X-Received: by 127.0.0.2 with SMTP id ntsbYY1788612xuCkGhYrsSY; Thu, 28 Oct 2021 04:09:54 -0700 X-Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [216.205.24.124]) by mx.groups.io with SMTP id smtpd.web09.11889.1635419393422100492 for ; Thu, 28 Oct 2021 04:09:53 -0700 X-Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-593-QxdooiovO8WsZT6bxWFQ1A-1; Thu, 28 Oct 2021 07:09:49 -0400 X-MC-Unique: QxdooiovO8WsZT6bxWFQ1A-1 X-Received: from smtp.corp.redhat.com (int-mx07.intmail.prod.int.phx2.redhat.com [10.5.11.22]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id 8754C10A8E02; Thu, 28 Oct 2021 11:09:47 +0000 (UTC) X-Received: from sirius.home.kraxel.org (ovpn-112-241.phx2.redhat.com [10.3.112.241]) by smtp.corp.redhat.com (Postfix) with ESMTPS id B7EE2100EBBE; Thu, 28 Oct 2021 11:09:32 +0000 (UTC) X-Received: by sirius.home.kraxel.org (Postfix, from userid 1000) id 16947180060F; Thu, 28 Oct 2021 13:09:21 +0200 (CEST) From: "Gerd Hoffmann" To: devel@edk2.groups.io Cc: Jiewen Yao , Jordan Justen , =?UTF-8?q?Marc-Andr=C3=A9=20Lureau?= , Min Xu , Tom Lendacky , Stefan Berger , Gerd Hoffmann , Ard Biesheuvel , Erdem Aktas , Brijesh Singh , James Bottomley Subject: [edk2-devel] [PATCH v3 2/5] OvmfPkg: move tcg configuration to dsc and fdf include files Date: Thu, 28 Oct 2021 13:09:18 +0200 Message-Id: <20211028110921.819113-3-kraxel@redhat.com> In-Reply-To: <20211028110921.819113-1-kraxel@redhat.com> References: <20211028110921.819113-1-kraxel@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.84 on 10.5.11.22 X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Precedence: Bulk List-Unsubscribe: List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,kraxel@redhat.com X-Gm-Message-State: eF0nxFfRGFJmyl8SzQBXIBVLx1787277AA= Content-Transfer-Encoding: quoted-printable DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1635419394; bh=kpBqxWRTNRA4jgnc5JjKHrwD4V7QixcxlzBgQMQA13I=; h=Cc:Content-Type:Date:From:Reply-To:Subject:To; b=sHPDUTs+bVQv0qzFk1+oEdKC6tcRaIt2MmDNWK5zQtU1eX3OLxeH/no3NzfYrkFcwwd l974Hyf+RRFOaXrUA6hEqCS14mJMPfWzvqrCQ9jSWPj68jaUgYPRCohmdIZEnytWZNcqt fohWpNZo7jzshjAV3NMGXv0Xokt0+KEX+NU= X-ZohoMail-DKIM: pass (identity @groups.io) X-ZM-MESSAGEID: 1635419397561100003 Content-Type: text/plain; charset="utf-8" With this in place the tpm configuration is not duplicated for each of our four ovmf config variants (ia32, ia32x64, x64, amdsev) and it is easier to keep them all in sync when updating the tpm configuration. No functional change. Signed-off-by: Gerd Hoffmann Reviewed-by: Stefan Berger --- OvmfPkg/OvmfTpmComponentsDxe.dsc.inc | 28 +++++++++ OvmfPkg/OvmfTpmComponentsPei.dsc.inc | 22 +++++++ OvmfPkg/OvmfTpmDefines.dsc.inc | 6 ++ OvmfPkg/OvmfTpmLibs.dsc.inc | 14 +++++ OvmfPkg/OvmfTpmLibsDxe.dsc.inc | 8 +++ OvmfPkg/OvmfTpmLibsPeim.dsc.inc | 9 +++ OvmfPkg/OvmfTpmPcds.dsc.inc | 7 +++ OvmfPkg/OvmfTpmPcdsHii.dsc.inc | 8 +++ OvmfPkg/OvmfTpmSecurityStub.dsc.inc | 8 +++ OvmfPkg/AmdSev/AmdSevX64.dsc | 85 ++++----------------------- OvmfPkg/OvmfPkgIa32.dsc | 88 ++++------------------------ OvmfPkg/OvmfPkgIa32X64.dsc | 85 ++++----------------------- OvmfPkg/OvmfPkgX64.dsc | 85 ++++----------------------- OvmfPkg/AmdSev/AmdSevX64.fdf | 17 +----- OvmfPkg/OvmfPkgIa32.fdf | 17 +----- OvmfPkg/OvmfPkgIa32X64.fdf | 17 +----- OvmfPkg/OvmfPkgX64.fdf | 17 +----- OvmfPkg/OvmfTpmDxe.fdf.inc | 12 ++++ OvmfPkg/OvmfTpmPei.fdf.inc | 11 ++++ 19 files changed, 185 insertions(+), 359 deletions(-) create mode 100644 OvmfPkg/OvmfTpmComponentsDxe.dsc.inc create mode 100644 OvmfPkg/OvmfTpmComponentsPei.dsc.inc create mode 100644 OvmfPkg/OvmfTpmDefines.dsc.inc create mode 100644 OvmfPkg/OvmfTpmLibs.dsc.inc create mode 100644 OvmfPkg/OvmfTpmLibsDxe.dsc.inc create mode 100644 OvmfPkg/OvmfTpmLibsPeim.dsc.inc create mode 100644 OvmfPkg/OvmfTpmPcds.dsc.inc create mode 100644 OvmfPkg/OvmfTpmPcdsHii.dsc.inc create mode 100644 OvmfPkg/OvmfTpmSecurityStub.dsc.inc create mode 100644 OvmfPkg/OvmfTpmDxe.fdf.inc create mode 100644 OvmfPkg/OvmfTpmPei.fdf.inc diff --git a/OvmfPkg/OvmfTpmComponentsDxe.dsc.inc b/OvmfPkg/OvmfTpmComponen= tsDxe.dsc.inc new file mode 100644 index 000000000000..d5c2586118f1 --- /dev/null +++ b/OvmfPkg/OvmfTpmComponentsDxe.dsc.inc @@ -0,0 +1,28 @@ +## +# SPDX-License-Identifier: BSD-2-Clause-Patent +## + +!if $(TPM_ENABLE) =3D=3D TRUE + SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.inf { + + Tpm2DeviceLib|SecurityPkg/Library/Tpm2DeviceLibRouter/Tpm2DeviceLibR= outerDxe.inf + NULL|SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2InstanceLibDTpm.inf + HashLib|SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCrypt= oRouterDxe.inf + NULL|SecurityPkg/Library/HashInstanceLibSha1/HashInstanceLibSha1.inf + NULL|SecurityPkg/Library/HashInstanceLibSha256/HashInstanceLibSha256= .inf + NULL|SecurityPkg/Library/HashInstanceLibSha384/HashInstanceLibSha384= .inf + NULL|SecurityPkg/Library/HashInstanceLibSha512/HashInstanceLibSha512= .inf + NULL|SecurityPkg/Library/HashInstanceLibSm3/HashInstanceLibSm3.inf + } +!if $(TPM_CONFIG_ENABLE) =3D=3D TRUE + SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigDxe.inf +!endif + SecurityPkg/Tcg/TcgDxe/TcgDxe.inf { + + Tpm12DeviceLib|SecurityPkg/Library/Tpm12DeviceLibDTpm/Tpm12DeviceLib= DTpm.inf + } + SecurityPkg/Tcg/Tcg2PlatformDxe/Tcg2PlatformDxe.inf { + + TpmPlatformHierarchyLib|SecurityPkg/Library/PeiDxeTpmPlatformHierarc= hyLib/PeiDxeTpmPlatformHierarchyLib.inf + } +!endif diff --git a/OvmfPkg/OvmfTpmComponentsPei.dsc.inc b/OvmfPkg/OvmfTpmComponen= tsPei.dsc.inc new file mode 100644 index 000000000000..99fa7c13b3e7 --- /dev/null +++ b/OvmfPkg/OvmfTpmComponentsPei.dsc.inc @@ -0,0 +1,22 @@ +## +# SPDX-License-Identifier: BSD-2-Clause-Patent +## + +!if $(TPM_ENABLE) =3D=3D TRUE + OvmfPkg/Tcg/TpmMmioSevDecryptPei/TpmMmioSevDecryptPei.inf + OvmfPkg/Tcg/Tcg2Config/Tcg2ConfigPei.inf + SecurityPkg/Tcg/TcgPei/TcgPei.inf + SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.inf { + + HashLib|SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCrypt= oRouterPei.inf + NULL|SecurityPkg/Library/HashInstanceLibSha1/HashInstanceLibSha1.inf + NULL|SecurityPkg/Library/HashInstanceLibSha256/HashInstanceLibSha256= .inf + NULL|SecurityPkg/Library/HashInstanceLibSha384/HashInstanceLibSha384= .inf + NULL|SecurityPkg/Library/HashInstanceLibSha512/HashInstanceLibSha512= .inf + NULL|SecurityPkg/Library/HashInstanceLibSm3/HashInstanceLibSm3.inf + } + SecurityPkg/Tcg/Tcg2PlatformPei/Tcg2PlatformPei.inf { + + TpmPlatformHierarchyLib|SecurityPkg/Library/PeiDxeTpmPlatformHierarc= hyLib/PeiDxeTpmPlatformHierarchyLib.inf + } +!endif diff --git a/OvmfPkg/OvmfTpmDefines.dsc.inc b/OvmfPkg/OvmfTpmDefines.dsc.inc new file mode 100644 index 000000000000..51da7508b307 --- /dev/null +++ b/OvmfPkg/OvmfTpmDefines.dsc.inc @@ -0,0 +1,6 @@ +## +# SPDX-License-Identifier: BSD-2-Clause-Patent +## + + DEFINE TPM_ENABLE =3D FALSE + DEFINE TPM_CONFIG_ENABLE =3D FALSE diff --git a/OvmfPkg/OvmfTpmLibs.dsc.inc b/OvmfPkg/OvmfTpmLibs.dsc.inc new file mode 100644 index 000000000000..50100f2c0371 --- /dev/null +++ b/OvmfPkg/OvmfTpmLibs.dsc.inc @@ -0,0 +1,14 @@ +## +# SPDX-License-Identifier: BSD-2-Clause-Patent +## + +!if $(TPM_ENABLE) =3D=3D TRUE + Tpm12CommandLib|SecurityPkg/Library/Tpm12CommandLib/Tpm12CommandLib.inf + Tpm2CommandLib|SecurityPkg/Library/Tpm2CommandLib/Tpm2CommandLib.inf + Tcg2PhysicalPresenceLib|OvmfPkg/Library/Tcg2PhysicalPresenceLibQemu/DxeT= cg2PhysicalPresenceLib.inf + Tcg2PpVendorLib|SecurityPkg/Library/Tcg2PpVendorLibNull/Tcg2PpVendorLibN= ull.inf + TpmMeasurementLib|SecurityPkg/Library/DxeTpmMeasurementLib/DxeTpmMeasure= mentLib.inf +!else + Tcg2PhysicalPresenceLib|OvmfPkg/Library/Tcg2PhysicalPresenceLibNull/DxeT= cg2PhysicalPresenceLib.inf + TpmMeasurementLib|MdeModulePkg/Library/TpmMeasurementLibNull/TpmMeasurem= entLibNull.inf +!endif diff --git a/OvmfPkg/OvmfTpmLibsDxe.dsc.inc b/OvmfPkg/OvmfTpmLibsDxe.dsc.inc new file mode 100644 index 000000000000..67d5027abaea --- /dev/null +++ b/OvmfPkg/OvmfTpmLibsDxe.dsc.inc @@ -0,0 +1,8 @@ +## +# SPDX-License-Identifier: BSD-2-Clause-Patent +## + +!if $(TPM_ENABLE) =3D=3D TRUE + Tpm12DeviceLib|SecurityPkg/Library/Tpm12DeviceLibTcg/Tpm12DeviceLibTcg.i= nf + Tpm2DeviceLib|SecurityPkg/Library/Tpm2DeviceLibTcg2/Tpm2DeviceLibTcg2.inf +!endif diff --git a/OvmfPkg/OvmfTpmLibsPeim.dsc.inc b/OvmfPkg/OvmfTpmLibsPeim.dsc.= inc new file mode 100644 index 000000000000..4e84e3dcaaeb --- /dev/null +++ b/OvmfPkg/OvmfTpmLibsPeim.dsc.inc @@ -0,0 +1,9 @@ +## +# SPDX-License-Identifier: BSD-2-Clause-Patent +## + +!if $(TPM_ENABLE) =3D=3D TRUE + BaseCryptLib|CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf + Tpm12DeviceLib|SecurityPkg/Library/Tpm12DeviceLibDTpm/Tpm12DeviceLibDTpm= .inf + Tpm2DeviceLib|SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2DeviceLibDTpm.inf +!endif diff --git a/OvmfPkg/OvmfTpmPcds.dsc.inc b/OvmfPkg/OvmfTpmPcds.dsc.inc new file mode 100644 index 000000000000..0e7f83c04bd7 --- /dev/null +++ b/OvmfPkg/OvmfTpmPcds.dsc.inc @@ -0,0 +1,7 @@ +## +# SPDX-License-Identifier: BSD-2-Clause-Patent +## + +!if $(TPM_ENABLE) =3D=3D TRUE + gEfiSecurityPkgTokenSpaceGuid.PcdTpmInstanceGuid|{0x00, 0x00, 0x00, 0x00= , 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00} +!endif diff --git a/OvmfPkg/OvmfTpmPcdsHii.dsc.inc b/OvmfPkg/OvmfTpmPcdsHii.dsc.inc new file mode 100644 index 000000000000..164bc9c7fca0 --- /dev/null +++ b/OvmfPkg/OvmfTpmPcdsHii.dsc.inc @@ -0,0 +1,8 @@ +## +# SPDX-License-Identifier: BSD-2-Clause-Patent +## + +!if $(TPM_ENABLE) =3D=3D TRUE && $(TPM_CONFIG_ENABLE) =3D=3D TRUE + gEfiSecurityPkgTokenSpaceGuid.PcdTcgPhysicalPresenceInterfaceVer|L"TCG2_= VERSION"|gTcg2ConfigFormSetGuid|0x0|"1.3"|NV,BS + gEfiSecurityPkgTokenSpaceGuid.PcdTpm2AcpiTableRev|L"TCG2_VERSION"|gTcg2C= onfigFormSetGuid|0x8|3|NV,BS +!endif diff --git a/OvmfPkg/OvmfTpmSecurityStub.dsc.inc b/OvmfPkg/OvmfTpmSecurityS= tub.dsc.inc new file mode 100644 index 000000000000..4bd4066843ef --- /dev/null +++ b/OvmfPkg/OvmfTpmSecurityStub.dsc.inc @@ -0,0 +1,8 @@ +## +# SPDX-License-Identifier: BSD-2-Clause-Patent +## + +!if $(TPM_ENABLE) =3D=3D TRUE + NULL|SecurityPkg/Library/DxeTpmMeasureBootLib/DxeTpmMeasureBootLib.i= nf + NULL|SecurityPkg/Library/DxeTpm2MeasureBootLib/DxeTpm2MeasureBootLib= .inf +!endif diff --git a/OvmfPkg/AmdSev/AmdSevX64.dsc b/OvmfPkg/AmdSev/AmdSevX64.dsc index 5ee54451169b..d145b491fb44 100644 --- a/OvmfPkg/AmdSev/AmdSevX64.dsc +++ b/OvmfPkg/AmdSev/AmdSevX64.dsc @@ -32,8 +32,8 @@ [Defines] # -D FLAG=3DVALUE # DEFINE SOURCE_DEBUG_ENABLE =3D FALSE - DEFINE TPM_ENABLE =3D FALSE - DEFINE TPM_CONFIG_ENABLE =3D FALSE + +!include OvmfPkg/OvmfTpmDefines.dsc.inc =20 # # Shell can be useful for debugging but should not be enabled for produc= tion @@ -203,16 +203,7 @@ [LibraryClasses] SmbusLib|MdePkg/Library/BaseSmbusLibNull/BaseSmbusLibNull.inf OrderedCollectionLib|MdePkg/Library/BaseOrderedCollectionRedBlackTreeLib= /BaseOrderedCollectionRedBlackTreeLib.inf =20 -!if $(TPM_ENABLE) =3D=3D TRUE - Tpm12CommandLib|SecurityPkg/Library/Tpm12CommandLib/Tpm12CommandLib.inf - Tpm2CommandLib|SecurityPkg/Library/Tpm2CommandLib/Tpm2CommandLib.inf - Tcg2PhysicalPresenceLib|OvmfPkg/Library/Tcg2PhysicalPresenceLibQemu/DxeT= cg2PhysicalPresenceLib.inf - Tcg2PpVendorLib|SecurityPkg/Library/Tcg2PpVendorLibNull/Tcg2PpVendorLibN= ull.inf - TpmMeasurementLib|SecurityPkg/Library/DxeTpmMeasurementLib/DxeTpmMeasure= mentLib.inf -!else - Tcg2PhysicalPresenceLib|OvmfPkg/Library/Tcg2PhysicalPresenceLibNull/DxeT= cg2PhysicalPresenceLib.inf - TpmMeasurementLib|MdeModulePkg/Library/TpmMeasurementLibNull/TpmMeasurem= entLibNull.inf -!endif +!include OvmfPkg/OvmfTpmLibs.dsc.inc =20 [LibraryClasses.common] BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf @@ -286,11 +277,7 @@ [LibraryClasses.common.PEIM] PcdLib|MdePkg/Library/PeiPcdLib/PeiPcdLib.inf QemuFwCfgLib|OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgPeiLib.inf =20 -!if $(TPM_ENABLE) =3D=3D TRUE - BaseCryptLib|CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf - Tpm12DeviceLib|SecurityPkg/Library/Tpm12DeviceLibDTpm/Tpm12DeviceLibDTpm= .inf - Tpm2DeviceLib|SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2DeviceLibDTpm.inf -!endif +!include OvmfPkg/OvmfTpmLibsPeim.dsc.inc =20 MemEncryptSevLib|OvmfPkg/Library/BaseMemEncryptSevLib/PeiMemEncryptSevLi= b.inf =20 @@ -371,10 +358,8 @@ [LibraryClasses.common.DXE_DRIVER] MpInitLib|UefiCpuPkg/Library/MpInitLib/DxeMpInitLib.inf QemuFwCfgS3Lib|OvmfPkg/Library/QemuFwCfgS3Lib/DxeQemuFwCfgS3LibFwCfg.inf QemuLoadImageLib|OvmfPkg/Library/GenericQemuLoadImageLib/GenericQemuLoad= ImageLib.inf -!if $(TPM_ENABLE) =3D=3D TRUE - Tpm12DeviceLib|SecurityPkg/Library/Tpm12DeviceLibTcg/Tpm12DeviceLibTcg.i= nf - Tpm2DeviceLib|SecurityPkg/Library/Tpm2DeviceLibTcg2/Tpm2DeviceLibTcg2.inf -!endif + +!include OvmfPkg/OvmfTpmLibsDxe.dsc.inc =20 [LibraryClasses.common.UEFI_APPLICATION] PcdLib|MdePkg/Library/DxePcdLib/DxePcdLib.inf @@ -575,15 +560,10 @@ [PcdsDynamicDefault] =20 gEfiSecurityPkgTokenSpaceGuid.PcdOptionRomImageVerificationPolicy|0x00 =20 -!if $(TPM_ENABLE) =3D=3D TRUE - gEfiSecurityPkgTokenSpaceGuid.PcdTpmInstanceGuid|{0x00, 0x00, 0x00, 0x00= , 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00} -!endif +!include OvmfPkg/OvmfTpmPcds.dsc.inc =20 [PcdsDynamicHii] -!if $(TPM_ENABLE) =3D=3D TRUE && $(TPM_CONFIG_ENABLE) =3D=3D TRUE - gEfiSecurityPkgTokenSpaceGuid.PcdTcgPhysicalPresenceInterfaceVer|L"TCG2_= VERSION"|gTcg2ConfigFormSetGuid|0x0|"1.3"|NV,BS - gEfiSecurityPkgTokenSpaceGuid.PcdTpm2AcpiTableRev|L"TCG2_VERSION"|gTcg2C= onfigFormSetGuid|0x8|3|NV,BS -!endif +!include OvmfPkg/OvmfTpmPcdsHii.dsc.inc =20 ##########################################################################= ###### # @@ -624,24 +604,7 @@ [Components] UefiCpuPkg/CpuMpPei/CpuMpPei.inf OvmfPkg/AmdSev/SecretPei/SecretPei.inf =20 -!if $(TPM_ENABLE) =3D=3D TRUE - OvmfPkg/Tcg/TpmMmioSevDecryptPei/TpmMmioSevDecryptPei.inf - OvmfPkg/Tcg/Tcg2Config/Tcg2ConfigPei.inf - SecurityPkg/Tcg/TcgPei/TcgPei.inf - SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.inf { - - HashLib|SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCrypt= oRouterPei.inf - NULL|SecurityPkg/Library/HashInstanceLibSha1/HashInstanceLibSha1.inf - NULL|SecurityPkg/Library/HashInstanceLibSha256/HashInstanceLibSha256= .inf - NULL|SecurityPkg/Library/HashInstanceLibSha384/HashInstanceLibSha384= .inf - NULL|SecurityPkg/Library/HashInstanceLibSha512/HashInstanceLibSha512= .inf - NULL|SecurityPkg/Library/HashInstanceLibSm3/HashInstanceLibSm3.inf - } - SecurityPkg/Tcg/Tcg2PlatformPei/Tcg2PlatformPei.inf { - - TpmPlatformHierarchyLib|SecurityPkg/Library/PeiDxeTpmPlatformHierarc= hyLib/PeiDxeTpmPlatformHierarchyLib.inf - } -!endif +!include OvmfPkg/OvmfTpmComponentsPei.dsc.inc =20 # # DXE Phase modules @@ -663,10 +626,7 @@ [Components] =20 MdeModulePkg/Universal/SecurityStubDxe/SecurityStubDxe.inf { -!if $(TPM_ENABLE) =3D=3D TRUE - NULL|SecurityPkg/Library/DxeTpmMeasureBootLib/DxeTpmMeasureBootLib.i= nf - NULL|SecurityPkg/Library/DxeTpm2MeasureBootLib/DxeTpm2MeasureBootLib= .inf -!endif +!include OvmfPkg/OvmfTpmSecurityStub.dsc.inc } =20 MdeModulePkg/Universal/EbcDxe/EbcDxe.inf @@ -836,27 +796,4 @@ [Components] # # TPM support # -!if $(TPM_ENABLE) =3D=3D TRUE - SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.inf { - - Tpm2DeviceLib|SecurityPkg/Library/Tpm2DeviceLibRouter/Tpm2DeviceLibR= outerDxe.inf - NULL|SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2InstanceLibDTpm.inf - HashLib|SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCrypt= oRouterDxe.inf - NULL|SecurityPkg/Library/HashInstanceLibSha1/HashInstanceLibSha1.inf - NULL|SecurityPkg/Library/HashInstanceLibSha256/HashInstanceLibSha256= .inf - NULL|SecurityPkg/Library/HashInstanceLibSha384/HashInstanceLibSha384= .inf - NULL|SecurityPkg/Library/HashInstanceLibSha512/HashInstanceLibSha512= .inf - NULL|SecurityPkg/Library/HashInstanceLibSm3/HashInstanceLibSm3.inf - } -!if $(TPM_CONFIG_ENABLE) =3D=3D TRUE - SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigDxe.inf -!endif - SecurityPkg/Tcg/TcgDxe/TcgDxe.inf { - - Tpm12DeviceLib|SecurityPkg/Library/Tpm12DeviceLibDTpm/Tpm12DeviceLib= DTpm.inf - } - SecurityPkg/Tcg/Tcg2PlatformDxe/Tcg2PlatformDxe.inf { - - TpmPlatformHierarchyLib|SecurityPkg/Library/PeiDxeTpmPlatformHierarc= hyLib/PeiDxeTpmPlatformHierarchyLib.inf - } -!endif +!include OvmfPkg/OvmfTpmComponentsDxe.dsc.inc diff --git a/OvmfPkg/OvmfPkgIa32.dsc b/OvmfPkg/OvmfPkgIa32.dsc index 6a5be97c059d..462c1b970ed8 100644 --- a/OvmfPkg/OvmfPkgIa32.dsc +++ b/OvmfPkg/OvmfPkgIa32.dsc @@ -32,10 +32,10 @@ [Defines] DEFINE SECURE_BOOT_ENABLE =3D FALSE DEFINE SMM_REQUIRE =3D FALSE DEFINE SOURCE_DEBUG_ENABLE =3D FALSE - DEFINE TPM_ENABLE =3D FALSE - DEFINE TPM_CONFIG_ENABLE =3D FALSE DEFINE LOAD_X64_ON_IA32_ENABLE =3D FALSE =20 +!include OvmfPkg/OvmfTpmDefines.dsc.inc + # # Network definition # @@ -229,16 +229,7 @@ [LibraryClasses] SmbusLib|MdePkg/Library/BaseSmbusLibNull/BaseSmbusLibNull.inf OrderedCollectionLib|MdePkg/Library/BaseOrderedCollectionRedBlackTreeLib= /BaseOrderedCollectionRedBlackTreeLib.inf =20 -!if $(TPM_ENABLE) =3D=3D TRUE - Tpm12CommandLib|SecurityPkg/Library/Tpm12CommandLib/Tpm12CommandLib.inf - Tpm2CommandLib|SecurityPkg/Library/Tpm2CommandLib/Tpm2CommandLib.inf - Tcg2PhysicalPresenceLib|OvmfPkg/Library/Tcg2PhysicalPresenceLibQemu/DxeT= cg2PhysicalPresenceLib.inf - Tcg2PpVendorLib|SecurityPkg/Library/Tcg2PpVendorLibNull/Tcg2PpVendorLibN= ull.inf - TpmMeasurementLib|SecurityPkg/Library/DxeTpmMeasurementLib/DxeTpmMeasure= mentLib.inf -!else - Tcg2PhysicalPresenceLib|OvmfPkg/Library/Tcg2PhysicalPresenceLibNull/DxeT= cg2PhysicalPresenceLib.inf - TpmMeasurementLib|MdeModulePkg/Library/TpmMeasurementLibNull/TpmMeasurem= entLibNull.inf -!endif +!include OvmfPkg/OvmfTpmLibs.dsc.inc =20 [LibraryClasses.common] BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf @@ -309,11 +300,7 @@ [LibraryClasses.common.PEIM] PcdLib|MdePkg/Library/PeiPcdLib/PeiPcdLib.inf QemuFwCfgLib|OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgPeiLib.inf =20 -!if $(TPM_ENABLE) =3D=3D TRUE - BaseCryptLib|CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf - Tpm12DeviceLib|SecurityPkg/Library/Tpm12DeviceLibDTpm/Tpm12DeviceLibDTpm= .inf - Tpm2DeviceLib|SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2DeviceLibDTpm.inf -!endif +!include OvmfPkg/OvmfTpmLibsPeim.dsc.inc =20 MemEncryptSevLib|OvmfPkg/Library/BaseMemEncryptSevLib/PeiMemEncryptSevLi= b.inf =20 @@ -401,10 +388,8 @@ [LibraryClasses.common.DXE_DRIVER] MpInitLib|UefiCpuPkg/Library/MpInitLib/DxeMpInitLib.inf QemuFwCfgS3Lib|OvmfPkg/Library/QemuFwCfgS3Lib/DxeQemuFwCfgS3LibFwCfg.inf QemuLoadImageLib|OvmfPkg/Library/X86QemuLoadImageLib/X86QemuLoadImageLib= .inf -!if $(TPM_ENABLE) =3D=3D TRUE - Tpm12DeviceLib|SecurityPkg/Library/Tpm12DeviceLibTcg/Tpm12DeviceLibTcg.i= nf - Tpm2DeviceLib|SecurityPkg/Library/Tpm2DeviceLibTcg2/Tpm2DeviceLibTcg2.inf -!endif + +!include OvmfPkg/OvmfTpmLibsDxe.dsc.inc =20 [LibraryClasses.common.UEFI_APPLICATION] PcdLib|MdePkg/Library/DxePcdLib/DxePcdLib.inf @@ -642,19 +627,14 @@ [PcdsDynamicDefault] =20 gEfiSecurityPkgTokenSpaceGuid.PcdOptionRomImageVerificationPolicy|0x00 =20 -!if $(TPM_ENABLE) =3D=3D TRUE - gEfiSecurityPkgTokenSpaceGuid.PcdTpmInstanceGuid|{0x00, 0x00, 0x00, 0x00= , 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00} -!endif +!include OvmfPkg/OvmfTpmPcds.dsc.inc =20 # IPv4 and IPv6 PXE Boot support. gEfiNetworkPkgTokenSpaceGuid.PcdIPv4PXESupport|0x01 gEfiNetworkPkgTokenSpaceGuid.PcdIPv6PXESupport|0x01 =20 [PcdsDynamicHii] -!if $(TPM_ENABLE) =3D=3D TRUE && $(TPM_CONFIG_ENABLE) =3D=3D TRUE - gEfiSecurityPkgTokenSpaceGuid.PcdTcgPhysicalPresenceInterfaceVer|L"TCG2_= VERSION"|gTcg2ConfigFormSetGuid|0x0|"1.3"|NV,BS - gEfiSecurityPkgTokenSpaceGuid.PcdTpm2AcpiTableRev|L"TCG2_VERSION"|gTcg2C= onfigFormSetGuid|0x8|3|NV,BS -!endif +!include OvmfPkg/OvmfTpmPcdsHii.dsc.inc =20 ##########################################################################= ###### # @@ -704,24 +684,7 @@ [Components] !endif UefiCpuPkg/CpuMpPei/CpuMpPei.inf =20 -!if $(TPM_ENABLE) =3D=3D TRUE - OvmfPkg/Tcg/TpmMmioSevDecryptPei/TpmMmioSevDecryptPei.inf - OvmfPkg/Tcg/Tcg2Config/Tcg2ConfigPei.inf - SecurityPkg/Tcg/TcgPei/TcgPei.inf - SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.inf { - - HashLib|SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCrypt= oRouterPei.inf - NULL|SecurityPkg/Library/HashInstanceLibSha1/HashInstanceLibSha1.inf - NULL|SecurityPkg/Library/HashInstanceLibSha256/HashInstanceLibSha256= .inf - NULL|SecurityPkg/Library/HashInstanceLibSha384/HashInstanceLibSha384= .inf - NULL|SecurityPkg/Library/HashInstanceLibSha512/HashInstanceLibSha512= .inf - NULL|SecurityPkg/Library/HashInstanceLibSm3/HashInstanceLibSm3.inf - } - SecurityPkg/Tcg/Tcg2PlatformPei/Tcg2PlatformPei.inf { - - TpmPlatformHierarchyLib|SecurityPkg/Library/PeiDxeTpmPlatformHierarc= hyLib/PeiDxeTpmPlatformHierarchyLib.inf - } -!endif +!include OvmfPkg/OvmfTpmComponentsPei.dsc.inc =20 # # DXE Phase modules @@ -746,10 +709,7 @@ [Components] !if $(SECURE_BOOT_ENABLE) =3D=3D TRUE NULL|SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificatio= nLib.inf !endif -!if $(TPM_ENABLE) =3D=3D TRUE - NULL|SecurityPkg/Library/DxeTpmMeasureBootLib/DxeTpmMeasureBootLib.i= nf - NULL|SecurityPkg/Library/DxeTpm2MeasureBootLib/DxeTpm2MeasureBootLib= .inf -!endif +!include OvmfPkg/OvmfTpmSecurityStub.dsc.inc } =20 MdeModulePkg/Universal/EbcDxe/EbcDxe.inf @@ -1019,31 +979,5 @@ [Components] # # TPM support # -!if $(TPM_ENABLE) =3D=3D TRUE - SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.inf { - - Tpm2DeviceLib|SecurityPkg/Library/Tpm2DeviceLibRouter/Tpm2DeviceLibR= outerDxe.inf - NULL|SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2InstanceLibDTpm.inf - HashLib|SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCrypt= oRouterDxe.inf - NULL|SecurityPkg/Library/HashInstanceLibSha1/HashInstanceLibSha1.inf - NULL|SecurityPkg/Library/HashInstanceLibSha256/HashInstanceLibSha256= .inf - NULL|SecurityPkg/Library/HashInstanceLibSha384/HashInstanceLibSha384= .inf - NULL|SecurityPkg/Library/HashInstanceLibSha512/HashInstanceLibSha512= .inf - NULL|SecurityPkg/Library/HashInstanceLibSm3/HashInstanceLibSm3.inf - } -!if $(TPM_CONFIG_ENABLE) =3D=3D TRUE - SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigDxe.inf -!endif - SecurityPkg/Tcg/TcgDxe/TcgDxe.inf { - - Tpm12DeviceLib|SecurityPkg/Library/Tpm12DeviceLibDTpm/Tpm12DeviceLib= DTpm.inf - } - SecurityPkg/Tcg/Tcg2PlatformDxe/Tcg2PlatformDxe.inf { - - TpmPlatformHierarchyLib|SecurityPkg/Library/PeiDxeTpmPlatformHierarc= hyLib/PeiDxeTpmPlatformHierarchyLib.inf - } -!endif +!include OvmfPkg/OvmfTpmComponentsDxe.dsc.inc =20 -!if $(LOAD_X64_ON_IA32_ENABLE) =3D=3D TRUE - OvmfPkg/CompatImageLoaderDxe/CompatImageLoaderDxe.inf -!endif diff --git a/OvmfPkg/OvmfPkgIa32X64.dsc b/OvmfPkg/OvmfPkgIa32X64.dsc index 71227d1b709a..3908acbc9c78 100644 --- a/OvmfPkg/OvmfPkgIa32X64.dsc +++ b/OvmfPkg/OvmfPkgIa32X64.dsc @@ -32,8 +32,8 @@ [Defines] DEFINE SECURE_BOOT_ENABLE =3D FALSE DEFINE SMM_REQUIRE =3D FALSE DEFINE SOURCE_DEBUG_ENABLE =3D FALSE - DEFINE TPM_ENABLE =3D FALSE - DEFINE TPM_CONFIG_ENABLE =3D FALSE + +!include OvmfPkg/OvmfTpmDefines.dsc.inc =20 # # Network definition @@ -233,16 +233,7 @@ [LibraryClasses] SmbusLib|MdePkg/Library/BaseSmbusLibNull/BaseSmbusLibNull.inf OrderedCollectionLib|MdePkg/Library/BaseOrderedCollectionRedBlackTreeLib= /BaseOrderedCollectionRedBlackTreeLib.inf =20 -!if $(TPM_ENABLE) =3D=3D TRUE - Tpm12CommandLib|SecurityPkg/Library/Tpm12CommandLib/Tpm12CommandLib.inf - Tpm2CommandLib|SecurityPkg/Library/Tpm2CommandLib/Tpm2CommandLib.inf - Tcg2PhysicalPresenceLib|OvmfPkg/Library/Tcg2PhysicalPresenceLibQemu/DxeT= cg2PhysicalPresenceLib.inf - Tcg2PpVendorLib|SecurityPkg/Library/Tcg2PpVendorLibNull/Tcg2PpVendorLibN= ull.inf - TpmMeasurementLib|SecurityPkg/Library/DxeTpmMeasurementLib/DxeTpmMeasure= mentLib.inf -!else - Tcg2PhysicalPresenceLib|OvmfPkg/Library/Tcg2PhysicalPresenceLibNull/DxeT= cg2PhysicalPresenceLib.inf - TpmMeasurementLib|MdeModulePkg/Library/TpmMeasurementLibNull/TpmMeasurem= entLibNull.inf -!endif +!include OvmfPkg/OvmfTpmLibs.dsc.inc =20 [LibraryClasses.common] BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf @@ -313,11 +304,7 @@ [LibraryClasses.common.PEIM] PcdLib|MdePkg/Library/PeiPcdLib/PeiPcdLib.inf QemuFwCfgLib|OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgPeiLib.inf =20 -!if $(TPM_ENABLE) =3D=3D TRUE - BaseCryptLib|CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf - Tpm12DeviceLib|SecurityPkg/Library/Tpm12DeviceLibDTpm/Tpm12DeviceLibDTpm= .inf - Tpm2DeviceLib|SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2DeviceLibDTpm.inf -!endif +!include OvmfPkg/OvmfTpmLibsPeim.dsc.inc =20 MemEncryptSevLib|OvmfPkg/Library/BaseMemEncryptSevLib/PeiMemEncryptSevLi= b.inf =20 @@ -405,10 +392,8 @@ [LibraryClasses.common.DXE_DRIVER] MpInitLib|UefiCpuPkg/Library/MpInitLib/DxeMpInitLib.inf QemuFwCfgS3Lib|OvmfPkg/Library/QemuFwCfgS3Lib/DxeQemuFwCfgS3LibFwCfg.inf QemuLoadImageLib|OvmfPkg/Library/X86QemuLoadImageLib/X86QemuLoadImageLib= .inf -!if $(TPM_ENABLE) =3D=3D TRUE - Tpm12DeviceLib|SecurityPkg/Library/Tpm12DeviceLibTcg/Tpm12DeviceLibTcg.i= nf - Tpm2DeviceLib|SecurityPkg/Library/Tpm2DeviceLibTcg2/Tpm2DeviceLibTcg2.inf -!endif + +!include OvmfPkg/OvmfTpmLibsDxe.dsc.inc =20 [LibraryClasses.common.UEFI_APPLICATION] PcdLib|MdePkg/Library/DxePcdLib/DxePcdLib.inf @@ -654,9 +639,7 @@ [PcdsDynamicDefault] =20 gEfiSecurityPkgTokenSpaceGuid.PcdOptionRomImageVerificationPolicy|0x00 =20 -!if $(TPM_ENABLE) =3D=3D TRUE - gEfiSecurityPkgTokenSpaceGuid.PcdTpmInstanceGuid|{0x00, 0x00, 0x00, 0x00= , 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00} -!endif +!include OvmfPkg/OvmfTpmPcds.dsc.inc =20 [PcdsDynamicDefault.X64] # IPv4 and IPv6 PXE Boot support. @@ -664,10 +647,7 @@ [PcdsDynamicDefault.X64] gEfiNetworkPkgTokenSpaceGuid.PcdIPv6PXESupport|0x01 =20 [PcdsDynamicHii] -!if $(TPM_ENABLE) =3D=3D TRUE && $(TPM_CONFIG_ENABLE) =3D=3D TRUE - gEfiSecurityPkgTokenSpaceGuid.PcdTcgPhysicalPresenceInterfaceVer|L"TCG2_= VERSION"|gTcg2ConfigFormSetGuid|0x0|"1.3"|NV,BS - gEfiSecurityPkgTokenSpaceGuid.PcdTpm2AcpiTableRev|L"TCG2_VERSION"|gTcg2C= onfigFormSetGuid|0x8|3|NV,BS -!endif +!include OvmfPkg/OvmfTpmPcdsHii.dsc.inc =20 ##########################################################################= ###### # @@ -717,24 +697,7 @@ [Components.IA32] !endif UefiCpuPkg/CpuMpPei/CpuMpPei.inf =20 -!if $(TPM_ENABLE) =3D=3D TRUE - OvmfPkg/Tcg/TpmMmioSevDecryptPei/TpmMmioSevDecryptPei.inf - OvmfPkg/Tcg/Tcg2Config/Tcg2ConfigPei.inf - SecurityPkg/Tcg/TcgPei/TcgPei.inf - SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.inf { - - HashLib|SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCrypt= oRouterPei.inf - NULL|SecurityPkg/Library/HashInstanceLibSha1/HashInstanceLibSha1.inf - NULL|SecurityPkg/Library/HashInstanceLibSha256/HashInstanceLibSha256= .inf - NULL|SecurityPkg/Library/HashInstanceLibSha384/HashInstanceLibSha384= .inf - NULL|SecurityPkg/Library/HashInstanceLibSha512/HashInstanceLibSha512= .inf - NULL|SecurityPkg/Library/HashInstanceLibSm3/HashInstanceLibSm3.inf - } - SecurityPkg/Tcg/Tcg2PlatformPei/Tcg2PlatformPei.inf { - - TpmPlatformHierarchyLib|SecurityPkg/Library/PeiDxeTpmPlatformHierarc= hyLib/PeiDxeTpmPlatformHierarchyLib.inf - } -!endif +!include OvmfPkg/OvmfTpmComponentsPei.dsc.inc =20 [Components.X64] # @@ -760,10 +723,7 @@ [Components.X64] !if $(SECURE_BOOT_ENABLE) =3D=3D TRUE NULL|SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificatio= nLib.inf !endif -!if $(TPM_ENABLE) =3D=3D TRUE - NULL|SecurityPkg/Library/DxeTpmMeasureBootLib/DxeTpmMeasureBootLib.i= nf - NULL|SecurityPkg/Library/DxeTpm2MeasureBootLib/DxeTpm2MeasureBootLib= .inf -!endif +!include OvmfPkg/OvmfTpmSecurityStub.dsc.inc } =20 MdeModulePkg/Universal/EbcDxe/EbcDxe.inf @@ -1034,27 +994,4 @@ [Components.X64] # # TPM support # -!if $(TPM_ENABLE) =3D=3D TRUE - SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.inf { - - Tpm2DeviceLib|SecurityPkg/Library/Tpm2DeviceLibRouter/Tpm2DeviceLibR= outerDxe.inf - NULL|SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2InstanceLibDTpm.inf - HashLib|SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCrypt= oRouterDxe.inf - NULL|SecurityPkg/Library/HashInstanceLibSha1/HashInstanceLibSha1.inf - NULL|SecurityPkg/Library/HashInstanceLibSha256/HashInstanceLibSha256= .inf - NULL|SecurityPkg/Library/HashInstanceLibSha384/HashInstanceLibSha384= .inf - NULL|SecurityPkg/Library/HashInstanceLibSha512/HashInstanceLibSha512= .inf - NULL|SecurityPkg/Library/HashInstanceLibSm3/HashInstanceLibSm3.inf - } -!if $(TPM_CONFIG_ENABLE) =3D=3D TRUE - SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigDxe.inf -!endif - SecurityPkg/Tcg/TcgDxe/TcgDxe.inf { - - Tpm12DeviceLib|SecurityPkg/Library/Tpm12DeviceLibDTpm/Tpm12DeviceLib= DTpm.inf - } - SecurityPkg/Tcg/Tcg2PlatformDxe/Tcg2PlatformDxe.inf { - - TpmPlatformHierarchyLib|SecurityPkg/Library/PeiDxeTpmPlatformHierarc= hyLib/PeiDxeTpmPlatformHierarchyLib.inf - } -!endif +!include OvmfPkg/OvmfTpmComponentsDxe.dsc.inc diff --git a/OvmfPkg/OvmfPkgX64.dsc b/OvmfPkg/OvmfPkgX64.dsc index 52f7598cf1c7..6114a4d61ab7 100644 --- a/OvmfPkg/OvmfPkgX64.dsc +++ b/OvmfPkg/OvmfPkgX64.dsc @@ -32,8 +32,8 @@ [Defines] DEFINE SECURE_BOOT_ENABLE =3D FALSE DEFINE SMM_REQUIRE =3D FALSE DEFINE SOURCE_DEBUG_ENABLE =3D FALSE - DEFINE TPM_ENABLE =3D FALSE - DEFINE TPM_CONFIG_ENABLE =3D FALSE + +!include OvmfPkg/OvmfTpmDefines.dsc.inc =20 # # Network definition @@ -233,16 +233,7 @@ [LibraryClasses] SmbusLib|MdePkg/Library/BaseSmbusLibNull/BaseSmbusLibNull.inf OrderedCollectionLib|MdePkg/Library/BaseOrderedCollectionRedBlackTreeLib= /BaseOrderedCollectionRedBlackTreeLib.inf =20 -!if $(TPM_ENABLE) =3D=3D TRUE - Tpm12CommandLib|SecurityPkg/Library/Tpm12CommandLib/Tpm12CommandLib.inf - Tpm2CommandLib|SecurityPkg/Library/Tpm2CommandLib/Tpm2CommandLib.inf - Tcg2PhysicalPresenceLib|OvmfPkg/Library/Tcg2PhysicalPresenceLibQemu/DxeT= cg2PhysicalPresenceLib.inf - Tcg2PpVendorLib|SecurityPkg/Library/Tcg2PpVendorLibNull/Tcg2PpVendorLibN= ull.inf - TpmMeasurementLib|SecurityPkg/Library/DxeTpmMeasurementLib/DxeTpmMeasure= mentLib.inf -!else - Tcg2PhysicalPresenceLib|OvmfPkg/Library/Tcg2PhysicalPresenceLibNull/DxeT= cg2PhysicalPresenceLib.inf - TpmMeasurementLib|MdeModulePkg/Library/TpmMeasurementLibNull/TpmMeasurem= entLibNull.inf -!endif +!include OvmfPkg/OvmfTpmLibs.dsc.inc =20 [LibraryClasses.common] BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf @@ -315,11 +306,7 @@ [LibraryClasses.common.PEIM] PcdLib|MdePkg/Library/PeiPcdLib/PeiPcdLib.inf QemuFwCfgLib|OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgPeiLib.inf =20 -!if $(TPM_ENABLE) =3D=3D TRUE - BaseCryptLib|CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf - Tpm12DeviceLib|SecurityPkg/Library/Tpm12DeviceLibDTpm/Tpm12DeviceLibDTpm= .inf - Tpm2DeviceLib|SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2DeviceLibDTpm.inf -!endif +!include OvmfPkg/OvmfTpmLibsPeim.dsc.inc =20 MemEncryptSevLib|OvmfPkg/Library/BaseMemEncryptSevLib/PeiMemEncryptSevLi= b.inf =20 @@ -407,10 +394,8 @@ [LibraryClasses.common.DXE_DRIVER] MpInitLib|UefiCpuPkg/Library/MpInitLib/DxeMpInitLib.inf QemuFwCfgS3Lib|OvmfPkg/Library/QemuFwCfgS3Lib/DxeQemuFwCfgS3LibFwCfg.inf QemuLoadImageLib|OvmfPkg/Library/X86QemuLoadImageLib/X86QemuLoadImageLib= .inf -!if $(TPM_ENABLE) =3D=3D TRUE - Tpm12DeviceLib|SecurityPkg/Library/Tpm12DeviceLibTcg/Tpm12DeviceLibTcg.i= nf - Tpm2DeviceLib|SecurityPkg/Library/Tpm2DeviceLibTcg2/Tpm2DeviceLibTcg2.inf -!endif + +!include OvmfPkg/OvmfTpmLibsDxe.dsc.inc =20 [LibraryClasses.common.UEFI_APPLICATION] PcdLib|MdePkg/Library/DxePcdLib/DxePcdLib.inf @@ -654,19 +639,14 @@ [PcdsDynamicDefault] =20 gEfiSecurityPkgTokenSpaceGuid.PcdOptionRomImageVerificationPolicy|0x00 =20 -!if $(TPM_ENABLE) =3D=3D TRUE - gEfiSecurityPkgTokenSpaceGuid.PcdTpmInstanceGuid|{0x00, 0x00, 0x00, 0x00= , 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00} -!endif +!include OvmfPkg/OvmfTpmPcds.dsc.inc =20 # IPv4 and IPv6 PXE Boot support. gEfiNetworkPkgTokenSpaceGuid.PcdIPv4PXESupport|0x01 gEfiNetworkPkgTokenSpaceGuid.PcdIPv6PXESupport|0x01 =20 [PcdsDynamicHii] -!if $(TPM_ENABLE) =3D=3D TRUE && $(TPM_CONFIG_ENABLE) =3D=3D TRUE - gEfiSecurityPkgTokenSpaceGuid.PcdTcgPhysicalPresenceInterfaceVer|L"TCG2_= VERSION"|gTcg2ConfigFormSetGuid|0x0|"1.3"|NV,BS - gEfiSecurityPkgTokenSpaceGuid.PcdTpm2AcpiTableRev|L"TCG2_VERSION"|gTcg2C= onfigFormSetGuid|0x8|3|NV,BS -!endif +!include OvmfPkg/OvmfTpmPcdsHii.dsc.inc =20 ##########################################################################= ###### # @@ -716,24 +696,7 @@ [Components] !endif UefiCpuPkg/CpuMpPei/CpuMpPei.inf =20 -!if $(TPM_ENABLE) =3D=3D TRUE - OvmfPkg/Tcg/TpmMmioSevDecryptPei/TpmMmioSevDecryptPei.inf - OvmfPkg/Tcg/Tcg2Config/Tcg2ConfigPei.inf - SecurityPkg/Tcg/TcgPei/TcgPei.inf - SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.inf { - - HashLib|SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCrypt= oRouterPei.inf - NULL|SecurityPkg/Library/HashInstanceLibSha1/HashInstanceLibSha1.inf - NULL|SecurityPkg/Library/HashInstanceLibSha256/HashInstanceLibSha256= .inf - NULL|SecurityPkg/Library/HashInstanceLibSha384/HashInstanceLibSha384= .inf - NULL|SecurityPkg/Library/HashInstanceLibSha512/HashInstanceLibSha512= .inf - NULL|SecurityPkg/Library/HashInstanceLibSm3/HashInstanceLibSm3.inf - } - SecurityPkg/Tcg/Tcg2PlatformPei/Tcg2PlatformPei.inf { - - TpmPlatformHierarchyLib|SecurityPkg/Library/PeiDxeTpmPlatformHierarc= hyLib/PeiDxeTpmPlatformHierarchyLib.inf - } -!endif +!include OvmfPkg/OvmfTpmComponentsPei.dsc.inc =20 # # DXE Phase modules @@ -757,10 +720,7 @@ [Components] !if $(SECURE_BOOT_ENABLE) =3D=3D TRUE NULL|SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificatio= nLib.inf -!endif -!if $(TPM_ENABLE) =3D=3D TRUE - NULL|SecurityPkg/Library/DxeTpmMeasureBootLib/DxeTpmMeasureBootLib.i= nf - NULL|SecurityPkg/Library/DxeTpm2MeasureBootLib/DxeTpm2MeasureBootLib= .inf +!include OvmfPkg/OvmfTpmSecurityStub.dsc.inc !endif } =20 @@ -1032,27 +992,4 @@ [Components] # # TPM support # -!if $(TPM_ENABLE) =3D=3D TRUE - SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.inf { - - Tpm2DeviceLib|SecurityPkg/Library/Tpm2DeviceLibRouter/Tpm2DeviceLibR= outerDxe.inf - NULL|SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2InstanceLibDTpm.inf - HashLib|SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCrypt= oRouterDxe.inf - NULL|SecurityPkg/Library/HashInstanceLibSha1/HashInstanceLibSha1.inf - NULL|SecurityPkg/Library/HashInstanceLibSha256/HashInstanceLibSha256= .inf - NULL|SecurityPkg/Library/HashInstanceLibSha384/HashInstanceLibSha384= .inf - NULL|SecurityPkg/Library/HashInstanceLibSha512/HashInstanceLibSha512= .inf - NULL|SecurityPkg/Library/HashInstanceLibSm3/HashInstanceLibSm3.inf - } -!if $(TPM_CONFIG_ENABLE) =3D=3D TRUE - SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigDxe.inf -!endif - SecurityPkg/Tcg/TcgDxe/TcgDxe.inf { - - Tpm12DeviceLib|SecurityPkg/Library/Tpm12DeviceLibDTpm/Tpm12DeviceLib= DTpm.inf - } - SecurityPkg/Tcg/Tcg2PlatformDxe/Tcg2PlatformDxe.inf { - - TpmPlatformHierarchyLib|SecurityPkg/Library/PeiDxeTpmPlatformHierarc= hyLib/PeiDxeTpmPlatformHierarchyLib.inf - } -!endif +!include OvmfPkg/OvmfTpmComponentsDxe.dsc.inc diff --git a/OvmfPkg/AmdSev/AmdSevX64.fdf b/OvmfPkg/AmdSev/AmdSevX64.fdf index 56626098862c..b9017f490458 100644 --- a/OvmfPkg/AmdSev/AmdSevX64.fdf +++ b/OvmfPkg/AmdSev/AmdSevX64.fdf @@ -156,13 +156,7 @@ [FV.PEIFV] INF UefiCpuPkg/CpuMpPei/CpuMpPei.inf INF OvmfPkg/AmdSev/SecretPei/SecretPei.inf =20 -!if $(TPM_ENABLE) =3D=3D TRUE -INF OvmfPkg/Tcg/TpmMmioSevDecryptPei/TpmMmioSevDecryptPei.inf -INF OvmfPkg/Tcg/Tcg2Config/Tcg2ConfigPei.inf -INF SecurityPkg/Tcg/TcgPei/TcgPei.inf -INF SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.inf -INF SecurityPkg/Tcg/Tcg2PlatformPei/Tcg2PlatformPei.inf -!endif +!include OvmfPkg/OvmfTpmPei.fdf.inc =20 ##########################################################################= ###### =20 @@ -318,14 +312,7 @@ [FV.DXEFV] # # TPM support # -!if $(TPM_ENABLE) =3D=3D TRUE -INF SecurityPkg/Tcg/TcgDxe/TcgDxe.inf -INF SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.inf -INF SecurityPkg/Tcg/Tcg2PlatformDxe/Tcg2PlatformDxe.inf -!if $(TPM_CONFIG_ENABLE) =3D=3D TRUE -INF SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigDxe.inf -!endif -!endif +!include OvmfPkg/OvmfTpmDxe.fdf.inc =20 ##########################################################################= ###### =20 diff --git a/OvmfPkg/OvmfPkgIa32.fdf b/OvmfPkg/OvmfPkgIa32.fdf index 775ea2d71098..24e4366c172d 100644 --- a/OvmfPkg/OvmfPkgIa32.fdf +++ b/OvmfPkg/OvmfPkgIa32.fdf @@ -161,13 +161,7 @@ [FV.PEIFV] !endif INF UefiCpuPkg/CpuMpPei/CpuMpPei.inf =20 -!if $(TPM_ENABLE) =3D=3D TRUE -INF OvmfPkg/Tcg/TpmMmioSevDecryptPei/TpmMmioSevDecryptPei.inf -INF OvmfPkg/Tcg/Tcg2Config/Tcg2ConfigPei.inf -INF SecurityPkg/Tcg/TcgPei/TcgPei.inf -INF SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.inf -INF SecurityPkg/Tcg/Tcg2PlatformPei/Tcg2PlatformPei.inf -!endif +!include OvmfPkg/OvmfTpmPei.fdf.inc =20 ##########################################################################= ###### =20 @@ -361,14 +355,7 @@ [FV.DXEFV] # # TPM support # -!if $(TPM_ENABLE) =3D=3D TRUE -INF SecurityPkg/Tcg/TcgDxe/TcgDxe.inf -INF SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.inf -INF SecurityPkg/Tcg/Tcg2PlatformDxe/Tcg2PlatformDxe.inf -!if $(TPM_CONFIG_ENABLE) =3D=3D TRUE -INF SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigDxe.inf -!endif -!endif +!include OvmfPkg/OvmfTpmDxe.fdf.inc =20 !if $(LOAD_X64_ON_IA32_ENABLE) =3D=3D TRUE INF OvmfPkg/CompatImageLoaderDxe/CompatImageLoaderDxe.inf diff --git a/OvmfPkg/OvmfPkgIa32X64.fdf b/OvmfPkg/OvmfPkgIa32X64.fdf index 9d8695922f97..734df36602bd 100644 --- a/OvmfPkg/OvmfPkgIa32X64.fdf +++ b/OvmfPkg/OvmfPkgIa32X64.fdf @@ -164,13 +164,7 @@ [FV.PEIFV] !endif INF UefiCpuPkg/CpuMpPei/CpuMpPei.inf =20 -!if $(TPM_ENABLE) =3D=3D TRUE -INF OvmfPkg/Tcg/TpmMmioSevDecryptPei/TpmMmioSevDecryptPei.inf -INF OvmfPkg/Tcg/Tcg2Config/Tcg2ConfigPei.inf -INF SecurityPkg/Tcg/TcgPei/TcgPei.inf -INF SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.inf -INF SecurityPkg/Tcg/Tcg2PlatformPei/Tcg2PlatformPei.inf -!endif +!include OvmfPkg/OvmfTpmPei.fdf.inc =20 ##########################################################################= ###### =20 @@ -371,14 +365,7 @@ [FV.DXEFV] # # TPM support # -!if $(TPM_ENABLE) =3D=3D TRUE -INF SecurityPkg/Tcg/TcgDxe/TcgDxe.inf -INF SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.inf -INF SecurityPkg/Tcg/Tcg2PlatformDxe/Tcg2PlatformDxe.inf -!if $(TPM_CONFIG_ENABLE) =3D=3D TRUE -INF SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigDxe.inf -!endif -!endif +!include OvmfPkg/OvmfTpmDxe.fdf.inc =20 ##########################################################################= ###### =20 diff --git a/OvmfPkg/OvmfPkgX64.fdf b/OvmfPkg/OvmfPkgX64.fdf index b6cc3cabdd69..b8d074c6e496 100644 --- a/OvmfPkg/OvmfPkgX64.fdf +++ b/OvmfPkg/OvmfPkgX64.fdf @@ -180,13 +180,7 @@ [FV.PEIFV] !endif INF UefiCpuPkg/CpuMpPei/CpuMpPei.inf =20 -!if $(TPM_ENABLE) =3D=3D TRUE -INF OvmfPkg/Tcg/TpmMmioSevDecryptPei/TpmMmioSevDecryptPei.inf -INF OvmfPkg/Tcg/Tcg2Config/Tcg2ConfigPei.inf -INF SecurityPkg/Tcg/TcgPei/TcgPei.inf -INF SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.inf -INF SecurityPkg/Tcg/Tcg2PlatformPei/Tcg2PlatformPei.inf -!endif +!include OvmfPkg/OvmfTpmPei.fdf.inc =20 ##########################################################################= ###### =20 @@ -387,14 +381,7 @@ [FV.DXEFV] # # TPM support # -!if $(TPM_ENABLE) =3D=3D TRUE -INF SecurityPkg/Tcg/TcgDxe/TcgDxe.inf -INF SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.inf -INF SecurityPkg/Tcg/Tcg2PlatformDxe/Tcg2PlatformDxe.inf -!if $(TPM_CONFIG_ENABLE) =3D=3D TRUE -INF SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigDxe.inf -!endif -!endif +!include OvmfPkg/OvmfTpmDxe.fdf.inc =20 ##########################################################################= ###### =20 diff --git a/OvmfPkg/OvmfTpmDxe.fdf.inc b/OvmfPkg/OvmfTpmDxe.fdf.inc new file mode 100644 index 000000000000..9dcdaaf01c39 --- /dev/null +++ b/OvmfPkg/OvmfTpmDxe.fdf.inc @@ -0,0 +1,12 @@ +## +# SPDX-License-Identifier: BSD-2-Clause-Patent +## + +!if $(TPM_ENABLE) =3D=3D TRUE +INF SecurityPkg/Tcg/TcgDxe/TcgDxe.inf +INF SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.inf +INF SecurityPkg/Tcg/Tcg2PlatformDxe/Tcg2PlatformDxe.inf +!if $(TPM_CONFIG_ENABLE) =3D=3D TRUE +INF SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigDxe.inf +!endif +!endif diff --git a/OvmfPkg/OvmfTpmPei.fdf.inc b/OvmfPkg/OvmfTpmPei.fdf.inc new file mode 100644 index 000000000000..9aefd73d219c --- /dev/null +++ b/OvmfPkg/OvmfTpmPei.fdf.inc @@ -0,0 +1,11 @@ +## +# SPDX-License-Identifier: BSD-2-Clause-Patent +## + +!if $(TPM_ENABLE) =3D=3D TRUE +INF OvmfPkg/Tcg/TpmMmioSevDecryptPei/TpmMmioSevDecryptPei.inf +INF OvmfPkg/Tcg/Tcg2Config/Tcg2ConfigPei.inf +INF SecurityPkg/Tcg/TcgPei/TcgPei.inf +INF SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.inf +INF SecurityPkg/Tcg/Tcg2PlatformPei/Tcg2PlatformPei.inf +!endif --=20 2.31.1 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#82804): https://edk2.groups.io/g/devel/message/82804 Mute This Topic: https://groups.io/mt/86649609/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- From nobody Mon May 6 18:25:51 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+82803+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+82803+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1635419393; cv=none; d=zohomail.com; s=zohoarc; b=G5K0QCApxI2Yy81qaU+vBr2HlkJECrESHHm9a6wvbDxY+D/t/z4BTQC15/qe2p45/eT0yx5UgYMGjQ8LYob7cYLZ0p5kEr7a7gk7hAPoutk9iUoTVdxRnjQrJtjL5pXBen0iS++ikTop481oGyZ972TefSdlkAT3JKBMlW3v3Kw= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1635419393; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=ZyOcv8rOUa9/8aV9lGk4aUAa9DLI6AJQBRN3MHupjnI=; b=PBZquzkWOw3+iP/JoDrXWU5M4ZPFK6+sLINOdlx4dNMo75S28aPejQH3ukAan/UThKKChETn5vd/1JxZpRvRDjxtlJNtE6eBCSWt8QvIKi0zcBFhN+URS5U2edfq6nlNZVD4uLRPT+HlO/Fn92/aGUbl/5rLp9cF86+xeRa6HXU= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+82803+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 1635419393981630.7558285489312; Thu, 28 Oct 2021 04:09:53 -0700 (PDT) Return-Path: X-Received: by 127.0.0.2 with SMTP id adbSYY1788612xM7wtDYFz3a; Thu, 28 Oct 2021 04:09:53 -0700 X-Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [216.205.24.124]) by mx.groups.io with SMTP id smtpd.web10.11355.1635419392770638389 for ; Thu, 28 Oct 2021 04:09:53 -0700 X-Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-587-H8KTo7GLNHiUoBTOuQ3zow-1; Thu, 28 Oct 2021 07:09:48 -0400 X-MC-Unique: H8KTo7GLNHiUoBTOuQ3zow-1 X-Received: from smtp.corp.redhat.com (int-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.11]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id 3B08910A8E01; Thu, 28 Oct 2021 11:09:47 +0000 (UTC) X-Received: from sirius.home.kraxel.org (ovpn-112-241.phx2.redhat.com [10.3.112.241]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 6FB44604CC; Thu, 28 Oct 2021 11:09:41 +0000 (UTC) X-Received: by sirius.home.kraxel.org (Postfix, from userid 1000) id 1DBAE180063D; Thu, 28 Oct 2021 13:09:21 +0200 (CEST) From: "Gerd Hoffmann" To: devel@edk2.groups.io Cc: Jiewen Yao , Jordan Justen , =?UTF-8?q?Marc-Andr=C3=A9=20Lureau?= , Min Xu , Tom Lendacky , Stefan Berger , Gerd Hoffmann , Ard Biesheuvel , Erdem Aktas , Brijesh Singh , James Bottomley Subject: [edk2-devel] [PATCH v3 3/5] OvmfPkg: drop TPM_CONFIG_ENABLE Date: Thu, 28 Oct 2021 13:09:19 +0200 Message-Id: <20211028110921.819113-4-kraxel@redhat.com> In-Reply-To: <20211028110921.819113-1-kraxel@redhat.com> References: <20211028110921.819113-1-kraxel@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.79 on 10.5.11.11 X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Precedence: Bulk List-Unsubscribe: List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,kraxel@redhat.com X-Gm-Message-State: R6bwKUKcuxzWrvixXPQXBod1x1787277AA= Content-Transfer-Encoding: quoted-printable DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1635419393; bh=adwx8/74CcyT5XRUM4SetC6ua2UFmha93F0KHa+j/aU=; h=Cc:Content-Type:Date:From:Reply-To:Subject:To; b=HS2MLKzdwStOkcYn+G30GZ3KB85rr9jMYd80+Kfcwtsigi5URSwunsw4784W3xzSZRF YmCdkRkn0frHtbcqnhmY+0P7UYPJ1AzKqy7mCWW4/MSjR0N+dyBKZFr5xV4nMcZSIVm7Y Ljthb8fm1fdyURkN8rRb3HvQYo4AnUs/pic= X-ZohoMail-DKIM: pass (identity @groups.io) X-ZM-MESSAGEID: 1635419394680100002 Content-Type: text/plain; charset="utf-8" Drop TPM_CONFIG_ENABLE config option. Including TPM support in the build without also including the TPM configuration menu is not useful. Suggested-by: Stefan Berger Signed-off-by: Gerd Hoffmann Tested-by: Stefan Berger Reviewed-by: Philippe Mathieu-Daude --- OvmfPkg/OvmfTpmComponentsDxe.dsc.inc | 2 -- OvmfPkg/OvmfTpmDefines.dsc.inc | 1 - OvmfPkg/OvmfTpmPcdsHii.dsc.inc | 2 +- OvmfPkg/OvmfTpmDxe.fdf.inc | 2 -- OvmfPkg/PlatformCI/.azurepipelines/Ubuntu-GCC5.yml | 6 +++--- OvmfPkg/PlatformCI/.azurepipelines/Windows-VS2019.yml | 6 +++--- OvmfPkg/PlatformCI/ReadMe.md | 2 +- 7 files changed, 8 insertions(+), 13 deletions(-) diff --git a/OvmfPkg/OvmfTpmComponentsDxe.dsc.inc b/OvmfPkg/OvmfTpmComponen= tsDxe.dsc.inc index d5c2586118f1..e025d85a5878 100644 --- a/OvmfPkg/OvmfTpmComponentsDxe.dsc.inc +++ b/OvmfPkg/OvmfTpmComponentsDxe.dsc.inc @@ -14,9 +14,7 @@ NULL|SecurityPkg/Library/HashInstanceLibSha512/HashInstanceLibSha512= .inf NULL|SecurityPkg/Library/HashInstanceLibSm3/HashInstanceLibSm3.inf } -!if $(TPM_CONFIG_ENABLE) =3D=3D TRUE SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigDxe.inf -!endif SecurityPkg/Tcg/TcgDxe/TcgDxe.inf { Tpm12DeviceLib|SecurityPkg/Library/Tpm12DeviceLibDTpm/Tpm12DeviceLib= DTpm.inf diff --git a/OvmfPkg/OvmfTpmDefines.dsc.inc b/OvmfPkg/OvmfTpmDefines.dsc.inc index 51da7508b307..5df4a331fb99 100644 --- a/OvmfPkg/OvmfTpmDefines.dsc.inc +++ b/OvmfPkg/OvmfTpmDefines.dsc.inc @@ -3,4 +3,3 @@ ## =20 DEFINE TPM_ENABLE =3D FALSE - DEFINE TPM_CONFIG_ENABLE =3D FALSE diff --git a/OvmfPkg/OvmfTpmPcdsHii.dsc.inc b/OvmfPkg/OvmfTpmPcdsHii.dsc.inc index 164bc9c7fca0..2e02a5b4cb90 100644 --- a/OvmfPkg/OvmfTpmPcdsHii.dsc.inc +++ b/OvmfPkg/OvmfTpmPcdsHii.dsc.inc @@ -2,7 +2,7 @@ # SPDX-License-Identifier: BSD-2-Clause-Patent ## =20 -!if $(TPM_ENABLE) =3D=3D TRUE && $(TPM_CONFIG_ENABLE) =3D=3D TRUE +!if $(TPM_ENABLE) =3D=3D TRUE gEfiSecurityPkgTokenSpaceGuid.PcdTcgPhysicalPresenceInterfaceVer|L"TCG2_= VERSION"|gTcg2ConfigFormSetGuid|0x0|"1.3"|NV,BS gEfiSecurityPkgTokenSpaceGuid.PcdTpm2AcpiTableRev|L"TCG2_VERSION"|gTcg2C= onfigFormSetGuid|0x8|3|NV,BS !endif diff --git a/OvmfPkg/OvmfTpmDxe.fdf.inc b/OvmfPkg/OvmfTpmDxe.fdf.inc index 9dcdaaf01c39..32eef246387a 100644 --- a/OvmfPkg/OvmfTpmDxe.fdf.inc +++ b/OvmfPkg/OvmfTpmDxe.fdf.inc @@ -6,7 +6,5 @@ INF SecurityPkg/Tcg/TcgDxe/TcgDxe.inf INF SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.inf INF SecurityPkg/Tcg/Tcg2PlatformDxe/Tcg2PlatformDxe.inf -!if $(TPM_CONFIG_ENABLE) =3D=3D TRUE INF SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigDxe.inf !endif -!endif diff --git a/OvmfPkg/PlatformCI/.azurepipelines/Ubuntu-GCC5.yml b/OvmfPkg/P= latformCI/.azurepipelines/Ubuntu-GCC5.yml index 7117b86b8177..1774423580b9 100644 --- a/OvmfPkg/PlatformCI/.azurepipelines/Ubuntu-GCC5.yml +++ b/OvmfPkg/PlatformCI/.azurepipelines/Ubuntu-GCC5.yml @@ -95,21 +95,21 @@ jobs: OVMF_IA32X64_FULL_DEBUG: Build.File: "$(package)/PlatformCI/PlatformBuild.py" Build.Arch: "IA32,X64" - Build.Flags: "BLD_*_SECURE_BOOT_ENABLE=3D1 BLD_*_SMM_REQUIRE= =3D1 BLD_*_TPM_ENABLE=3D1 BLD_*_TPM_CONFIG_ENABLE=3D1 BLD_*_NETWORK_TLS_ENA= BLE=3D1 BLD_*_NETWORK_IP6_ENABLE=3D1 BLD_*_NETWORK_HTTP_BOOT_ENABLE=3D1" + Build.Flags: "BLD_*_SECURE_BOOT_ENABLE=3D1 BLD_*_SMM_REQUIRE= =3D1 BLD_*_TPM_ENABLE=3D1 BLD_*_NETWORK_TLS_ENABLE=3D1 BLD_*_NETWORK_IP6_EN= ABLE=3D1 BLD_*_NETWORK_HTTP_BOOT_ENABLE=3D1" Build.Target: "DEBUG" Run.Flags: $(run_flags) Run: $(should_run) OVMF_IA32X64_FULL_RELEASE: Build.File: "$(package)/PlatformCI/PlatformBuild.py" Build.Arch: "IA32,X64" - Build.Flags: "BLD_*_SECURE_BOOT_ENABLE=3D1 BLD_*_SMM_REQUIRE= =3D1 BLD_*_TPM_ENABLE=3D1 BLD_*_TPM_CONFIG_ENABLE=3D1 BLD_*_NETWORK_TLS_ENA= BLE=3D1 BLD_*_NETWORK_IP6_ENABLE=3D1 BLD_*_NETWORK_HTTP_BOOT_ENABLE=3D1" + Build.Flags: "BLD_*_SECURE_BOOT_ENABLE=3D1 BLD_*_SMM_REQUIRE= =3D1 BLD_*_TPM_ENABLE=3D1 BLD_*_NETWORK_TLS_ENABLE=3D1 BLD_*_NETWORK_IP6_EN= ABLE=3D1 BLD_*_NETWORK_HTTP_BOOT_ENABLE=3D1" Build.Target: "RELEASE" Run.Flags: $(run_flags) Run: $(should_run) OVMF_IA32X64_FULL_NOOPT: Build.File: "$(package)/PlatformCI/PlatformBuild.py" Build.Arch: "IA32,X64" - Build.Flags: "BLD_*_SECURE_BOOT_ENABLE=3D1 BLD_*_SMM_REQUIRE= =3D1 BLD_*_TPM_ENABLE=3D1 BLD_*_TPM_CONFIG_ENABLE=3D1 BLD_*_NETWORK_TLS_ENA= BLE=3D1 BLD_*_NETWORK_IP6_ENABLE=3D1 BLD_*_NETWORK_HTTP_BOOT_ENABLE=3D1" + Build.Flags: "BLD_*_SECURE_BOOT_ENABLE=3D1 BLD_*_SMM_REQUIRE= =3D1 BLD_*_TPM_ENABLE=3D1 BLD_*_NETWORK_TLS_ENABLE=3D1 BLD_*_NETWORK_IP6_EN= ABLE=3D1 BLD_*_NETWORK_HTTP_BOOT_ENABLE=3D1" Build.Target: "NOOPT" Run.Flags: $(run_flags) Run: $(should_run) diff --git a/OvmfPkg/PlatformCI/.azurepipelines/Windows-VS2019.yml b/OvmfPk= g/PlatformCI/.azurepipelines/Windows-VS2019.yml index 2e07a3d8893a..09f9851312a2 100644 --- a/OvmfPkg/PlatformCI/.azurepipelines/Windows-VS2019.yml +++ b/OvmfPkg/PlatformCI/.azurepipelines/Windows-VS2019.yml @@ -94,14 +94,14 @@ jobs: OVMF_IA32X64_FULL_DEBUG: Build.File: "$(package)/PlatformCI/PlatformBuild.py" Build.Arch: "IA32,X64" - Build.Flags: "BLD_*_SECURE_BOOT_ENABLE=3D1 BLD_*_SMM_REQUIRE= =3D1 BLD_*_TPM_ENABLE=3D1 BLD_*_TPM_CONFIG_ENABLE=3D1 BLD_*_NETWORK_TLS_ENA= BLE=3D1 BLD_*_NETWORK_IP6_ENABLE=3D1 BLD_*_NETWORK_HTTP_BOOT_ENABLE=3D1" + Build.Flags: "BLD_*_SECURE_BOOT_ENABLE=3D1 BLD_*_SMM_REQUIRE= =3D1 BLD_*_TPM_ENABLE=3D1 BLD_*_NETWORK_TLS_ENABLE=3D1 BLD_*_NETWORK_IP6_EN= ABLE=3D1 BLD_*_NETWORK_HTTP_BOOT_ENABLE=3D1" Build.Target: "DEBUG" Run.Flags: $(run_flags) Run: $(should_run) OVMF_IA32X64_FULL_RELEASE: Build.File: "$(package)/PlatformCI/PlatformBuild.py" Build.Arch: "IA32,X64" - Build.Flags: "BLD_*_SECURE_BOOT_ENABLE=3D1 BLD_*_SMM_REQUIRE= =3D1 BLD_*_TPM_ENABLE=3D1 BLD_*_TPM_CONFIG_ENABLE=3D1 BLD_*_NETWORK_TLS_ENA= BLE=3D1 BLD_*_NETWORK_IP6_ENABLE=3D1 BLD_*_NETWORK_HTTP_BOOT_ENABLE=3D1" + Build.Flags: "BLD_*_SECURE_BOOT_ENABLE=3D1 BLD_*_SMM_REQUIRE= =3D1 BLD_*_TPM_ENABLE=3D1 BLD_*_NETWORK_TLS_ENABLE=3D1 BLD_*_NETWORK_IP6_EN= ABLE=3D1 BLD_*_NETWORK_HTTP_BOOT_ENABLE=3D1" Build.Target: "RELEASE" Run.Flags: $(run_flags) Run: $(should_run) @@ -112,7 +112,7 @@ jobs: # OVMF_IA32X64_FULL_NOOPT: # Build.File: "$(package)/PlatformCI/PlatformBuild.py" # Build.Arch: "IA32,X64" - # Build.Flags: "BLD_*_SECURE_BOOT_ENABLE=3D1 BLD_*_SMM_REQUIRE= =3D1 BLD_*_TPM_ENABLE=3D1 BLD_*_TPM_CONFIG_ENABLE=3D1 BLD_*_NETWORK_TLS_ENA= BLE=3D1 BLD_*_NETWORK_IP6_ENABLE=3D1 BLD_*_NETWORK_HTTP_BOOT_ENABLE=3D1" + # Build.Flags: "BLD_*_SECURE_BOOT_ENABLE=3D1 BLD_*_SMM_REQUIRE= =3D1 BLD_*_TPM_ENABLE=3D1 BLD_*_NETWORK_TLS_ENABLE=3D1 BLD_*_NETWORK_IP6_EN= ABLE=3D1 BLD_*_NETWORK_HTTP_BOOT_ENABLE=3D1" # Build.Target: "NOOPT" # Run.Flags: $(run_flags) # Run: $(should_run) diff --git a/OvmfPkg/PlatformCI/ReadMe.md b/OvmfPkg/PlatformCI/ReadMe.md index 2ce9007dbeaa..44aa7c4a9db2 100644 --- a/OvmfPkg/PlatformCI/ReadMe.md +++ b/OvmfPkg/PlatformCI/ReadMe.md @@ -14,7 +14,7 @@ supported and are described below. | IA32 | IA32 | OvmfPkgIa32.dsc | Non= e | | X64 | X64 | OvmfPkgIa64.dsc | Non= e | | IA32 X64 | PEI-IA32 DXE-X64 | OvmfPkgIa32X64.dsc | Non= e | -| IA32 X64 Full | PEI-IA32 DXE-X64 | OvmfPkgIa32X64.dsc | SEC= URE_BOOT_ENABLE=3D1 SMM_REQUIRE=3D1 TPM_ENABLE=3D1 TPM_CONFIG_ENABLE=3D1 NE= TWORK_TLS_ENABLE=3D1 NETWORK_IP6_ENABLE=3D1 NETWORK_HTTP_BOOT_ENABLE=3D1 | +| IA32 X64 Full | PEI-IA32 DXE-X64 | OvmfPkgIa32X64.dsc | SEC= URE_BOOT_ENABLE=3D1 SMM_REQUIRE=3D1 TPM_ENABLE=3D1 NETWORK_TLS_ENABLE=3D1 N= ETWORK_IP6_ENABLE=3D1 NETWORK_HTTP_BOOT_ENABLE=3D1 | =20 ## EDK2 Developer environment =20 --=20 2.31.1 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#82803): https://edk2.groups.io/g/devel/message/82803 Mute This Topic: https://groups.io/mt/86649608/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- From nobody Mon May 6 18:25:51 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+82806+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+82806+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1635419408; cv=none; d=zohomail.com; s=zohoarc; b=iJq/wdiPUKPVXOcHydeeYemS7zY6p7/FnPlOaXC+Vm805THVtocjnae3byYpZuGRHyszsTG7+fquyhcp1PniMJ+zhz35B1pKYQ7cXe9bN3HjH5jUCX2fktOdiBLzQ5f6XT+Ndo6WQP0I+DtuKyWMit5wUMg0hq35L2Uv15l0uE4= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1635419408; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=O5WjXmWkxI5QGV44y9VgGmDLVWJaPQe/EhGrvH+v71M=; b=ezGZiRmG+F8jEivFnopuYAFiklrZxJb2UrpwKolYiEtGizl0od7cY8ylML4e2EvaXij3fdiH1Jg15CP3bGuvpBSS+/+rSTOqe88v0DPjmn/2iFAmwFx5G0qRCdSuZ6a3muv87HDWS8ahgyD3S+0iL/RfSbBKwPGhbralcZ6kXsk= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+82806+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 1635419408112331.84225710966314; Thu, 28 Oct 2021 04:10:08 -0700 (PDT) Return-Path: X-Received: by 127.0.0.2 with SMTP id qQL9YY1788612xXBNQDKPsNJ; Thu, 28 Oct 2021 04:10:07 -0700 X-Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) by mx.groups.io with SMTP id smtpd.web12.11356.1635419406981701707 for ; Thu, 28 Oct 2021 04:10:07 -0700 X-Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-24-6g--ni34MfW6lv-10L71aA-1; Thu, 28 Oct 2021 07:10:02 -0400 X-MC-Unique: 6g--ni34MfW6lv-10L71aA-1 X-Received: from smtp.corp.redhat.com (int-mx04.intmail.prod.int.phx2.redhat.com [10.5.11.14]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id 4563619200C4; Thu, 28 Oct 2021 11:10:01 +0000 (UTC) X-Received: from sirius.home.kraxel.org (ovpn-112-241.phx2.redhat.com [10.3.112.241]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 71B385DA61; Thu, 28 Oct 2021 11:09:49 +0000 (UTC) X-Received: by sirius.home.kraxel.org (Postfix, from userid 1000) id 264251801ABE; Thu, 28 Oct 2021 13:09:21 +0200 (CEST) From: "Gerd Hoffmann" To: devel@edk2.groups.io Cc: Jiewen Yao , Jordan Justen , =?UTF-8?q?Marc-Andr=C3=A9=20Lureau?= , Min Xu , Tom Lendacky , Stefan Berger , Gerd Hoffmann , Ard Biesheuvel , Erdem Aktas , Brijesh Singh , James Bottomley Subject: [edk2-devel] [PATCH v3 4/5] OvmfPkg: create Tcg12ConfigPei.inf Date: Thu, 28 Oct 2021 13:09:20 +0200 Message-Id: <20211028110921.819113-5-kraxel@redhat.com> In-Reply-To: <20211028110921.819113-1-kraxel@redhat.com> References: <20211028110921.819113-1-kraxel@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.79 on 10.5.11.14 X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Precedence: Bulk List-Unsubscribe: List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,kraxel@redhat.com X-Gm-Message-State: Rz8vTQrMgALVaoYenBfKPDvmx1787277AA= Content-Transfer-Encoding: quoted-printable DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1635419407; bh=CoAan4OmRBu1avVG/1tOLYTtEodiuJoKI9IPQaqL7KA=; h=Cc:Content-Type:Date:From:Reply-To:Subject:To; b=jgpaeBTXGDk1s0N/fGVJ+aoE/jFmguO4B40osRVpcQi7kFMNCGKpKm32KWABWpHwD0N twLIQTDsGQOIn8t7VWDqMSbQYuZ8nkmZBUQmTvZ9DsjYbKF7Zeo6eGC6p3+E1M9YAS7w2 geOn+2ebHIGQJrkkxRjahXbY7PECHJzijb8= X-ZohoMail-DKIM: pass (identity @groups.io) X-ZM-MESSAGEID: 1635419408580100002 Content-Type: text/plain; charset="utf-8" Split Tcg2ConfigPei.inf into two variants: Tcg12ConfigPei.inf with TPM 1.2 support included and Tcg2ConfigPei.inf supporting TPM 2.0 only. This allows x86 builds to choose whenever TPM 1.2 support should be included or not by picking the one or the other inf file. Switch x86 builds to Tcg12ConfigPei.inf, so they continue to have TPM 1.2 support. No functional change. Signed-off-by: Gerd Hoffmann Reviewed-by: Stefan Berger Tested-by: Stefan Berger Reviewed-by: Philippe Mathieu-Daude --- OvmfPkg/OvmfTpmComponentsPei.dsc.inc | 2 +- .../{Tcg2ConfigPei.inf =3D> Tcg12ConfigPei.inf} | 11 ++--------- OvmfPkg/Tcg/Tcg2Config/Tcg2ConfigPei.inf | 11 +---------- OvmfPkg/OvmfTpmPei.fdf.inc | 2 +- 4 files changed, 5 insertions(+), 21 deletions(-) copy OvmfPkg/Tcg/Tcg2Config/{Tcg2ConfigPei.inf =3D> Tcg12ConfigPei.inf} (8= 2%) diff --git a/OvmfPkg/OvmfTpmComponentsPei.dsc.inc b/OvmfPkg/OvmfTpmComponen= tsPei.dsc.inc index 99fa7c13b3e7..87d491da5047 100644 --- a/OvmfPkg/OvmfTpmComponentsPei.dsc.inc +++ b/OvmfPkg/OvmfTpmComponentsPei.dsc.inc @@ -4,7 +4,7 @@ =20 !if $(TPM_ENABLE) =3D=3D TRUE OvmfPkg/Tcg/TpmMmioSevDecryptPei/TpmMmioSevDecryptPei.inf - OvmfPkg/Tcg/Tcg2Config/Tcg2ConfigPei.inf + OvmfPkg/Tcg/Tcg2Config/Tcg12ConfigPei.inf SecurityPkg/Tcg/TcgPei/TcgPei.inf SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.inf { diff --git a/OvmfPkg/Tcg/Tcg2Config/Tcg2ConfigPei.inf b/OvmfPkg/Tcg/Tcg2Con= fig/Tcg12ConfigPei.inf similarity index 82% copy from OvmfPkg/Tcg/Tcg2Config/Tcg2ConfigPei.inf copy to OvmfPkg/Tcg/Tcg2Config/Tcg12ConfigPei.inf index 39d1deeed16b..e8e0b88e6058 100644 --- a/OvmfPkg/Tcg/Tcg2Config/Tcg2ConfigPei.inf +++ b/OvmfPkg/Tcg/Tcg2Config/Tcg12ConfigPei.inf @@ -1,5 +1,5 @@ ## @file -# Set TPM device type +# Set TPM device type - supports TPM 1.2 and 2.0 # # In SecurityPkg, this module initializes the TPM device type based on a U= EFI # variable and/or hardware detection. In OvmfPkg, the module only performs= TPM @@ -14,7 +14,7 @@ [Defines] INF_VERSION =3D 0x00010005 BASE_NAME =3D Tcg2ConfigPei - FILE_GUID =3D BF7F2B0C-9F2F-4889-AB5C-12460022BE87 + FILE_GUID =3D 8AD3148F-945F-46B4-8ACD-71469EA73945 MODULE_TYPE =3D PEIM VERSION_STRING =3D 1.0 ENTRY_POINT =3D Tcg2ConfigPeimEntryPoint @@ -22,13 +22,8 @@ [Defines] [Sources] Tcg2ConfigPeim.c Tpm12Support.h - -[Sources.IA32, Sources.X64] Tpm12Support.c =20 -[Sources.ARM, Sources.AARCH64] - Tpm12SupportNull.c - [Packages] MdePkg/MdePkg.dec MdeModulePkg/MdeModulePkg.dec @@ -40,8 +35,6 @@ [LibraryClasses] DebugLib PeiServicesLib Tpm2DeviceLib - -[LibraryClasses.IA32, LibraryClasses.X64] BaseLib Tpm12DeviceLib =20 diff --git a/OvmfPkg/Tcg/Tcg2Config/Tcg2ConfigPei.inf b/OvmfPkg/Tcg/Tcg2Con= fig/Tcg2ConfigPei.inf index 39d1deeed16b..51078c981374 100644 --- a/OvmfPkg/Tcg/Tcg2Config/Tcg2ConfigPei.inf +++ b/OvmfPkg/Tcg/Tcg2Config/Tcg2ConfigPei.inf @@ -1,5 +1,5 @@ ## @file -# Set TPM device type +# Set TPM device type - supports TPM 2.0 only # # In SecurityPkg, this module initializes the TPM device type based on a U= EFI # variable and/or hardware detection. In OvmfPkg, the module only performs= TPM @@ -22,11 +22,6 @@ [Defines] [Sources] Tcg2ConfigPeim.c Tpm12Support.h - -[Sources.IA32, Sources.X64] - Tpm12Support.c - -[Sources.ARM, Sources.AARCH64] Tpm12SupportNull.c =20 [Packages] @@ -41,10 +36,6 @@ [LibraryClasses] PeiServicesLib Tpm2DeviceLib =20 -[LibraryClasses.IA32, LibraryClasses.X64] - BaseLib - Tpm12DeviceLib - [Guids] gEfiTpmDeviceSelectedGuid ## PRODUCES ## GUID # Used as a PPI = GUID gEfiTpmDeviceInstanceTpm20DtpmGuid ## SOMETIMES_CONSUMES diff --git a/OvmfPkg/OvmfTpmPei.fdf.inc b/OvmfPkg/OvmfTpmPei.fdf.inc index 9aefd73d219c..709a608cc3bd 100644 --- a/OvmfPkg/OvmfTpmPei.fdf.inc +++ b/OvmfPkg/OvmfTpmPei.fdf.inc @@ -4,7 +4,7 @@ =20 !if $(TPM_ENABLE) =3D=3D TRUE INF OvmfPkg/Tcg/TpmMmioSevDecryptPei/TpmMmioSevDecryptPei.inf -INF OvmfPkg/Tcg/Tcg2Config/Tcg2ConfigPei.inf +INF OvmfPkg/Tcg/Tcg2Config/Tcg12ConfigPei.inf INF SecurityPkg/Tcg/TcgPei/TcgPei.inf INF SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.inf INF SecurityPkg/Tcg/Tcg2PlatformPei/Tcg2PlatformPei.inf --=20 2.31.1 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#82806): https://edk2.groups.io/g/devel/message/82806 Mute This Topic: https://groups.io/mt/86649616/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- From nobody Mon May 6 18:25:51 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+82805+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+82805+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1635419402; cv=none; d=zohomail.com; s=zohoarc; b=gYmhojYDhyqJ5Ai5q0eGgu0vQrBeRa6IXgRGWJcERosRpgU/W0bogeh6kOwprMeJn9GicSOhhhKv6LVjF6INkvNdvFu1YQ67H8jd7yyvBgtpXYxCABxlaAliwg3Hg5i3ARdXVO6wqVa8g5XQ08FjQUMFecoXOV9G009p3CFBELk= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1635419402; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=CW2R+VJCM6nLZ3FfT+w6nl8xOJQS/S5TsJzFvlj86fU=; b=nescLB9V0+smHsS1qy9gPpVaALK9sj77mVoTb8TSTog/fbkWuqYRbqY/1ScY3mSxWD1XFXmRBwqChAeOETxBG/FGjzr0HuHT9Pk6PaGX+03Nn6s4XwE8TCIRs8RJHhPnA0HQXdzUB00RG/uYhcb6jHU8b+xKFLPukxYmklyVRKU= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+82805+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 1635419402330494.2866839303001; Thu, 28 Oct 2021 04:10:02 -0700 (PDT) Return-Path: X-Received: by 127.0.0.2 with SMTP id 5vqqYY1788612x2hwwT9nCCI; Thu, 28 Oct 2021 04:10:02 -0700 X-Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [216.205.24.124]) by mx.groups.io with SMTP id smtpd.web11.11527.1635419401141216439 for ; Thu, 28 Oct 2021 04:10:01 -0700 X-Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-479-6Ur1svZHOfWOCx9Yx7DCIw-1; Thu, 28 Oct 2021 07:09:57 -0400 X-MC-Unique: 6Ur1svZHOfWOCx9Yx7DCIw-1 X-Received: from smtp.corp.redhat.com (int-mx05.intmail.prod.int.phx2.redhat.com [10.5.11.15]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id 703E11006AA2; Thu, 28 Oct 2021 11:09:55 +0000 (UTC) X-Received: from sirius.home.kraxel.org (ovpn-112-241.phx2.redhat.com [10.3.112.241]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 681085F4EA; Thu, 28 Oct 2021 11:09:49 +0000 (UTC) X-Received: by sirius.home.kraxel.org (Postfix, from userid 1000) id 2B6821801ABF; Thu, 28 Oct 2021 13:09:21 +0200 (CEST) From: "Gerd Hoffmann" To: devel@edk2.groups.io Cc: Jiewen Yao , Jordan Justen , =?UTF-8?q?Marc-Andr=C3=A9=20Lureau?= , Min Xu , Tom Lendacky , Stefan Berger , Gerd Hoffmann , Ard Biesheuvel , Erdem Aktas , Brijesh Singh , James Bottomley Subject: [edk2-devel] [PATCH v3 5/5] OvmfPkg: rework TPM configuration Date: Thu, 28 Oct 2021 13:09:21 +0200 Message-Id: <20211028110921.819113-6-kraxel@redhat.com> In-Reply-To: <20211028110921.819113-1-kraxel@redhat.com> References: <20211028110921.819113-1-kraxel@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.79 on 10.5.11.15 X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Precedence: Bulk List-Unsubscribe: List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,kraxel@redhat.com X-Gm-Message-State: bQpbrKxJk0Pb6qx1ia4H1rBex1787277AA= Content-Transfer-Encoding: quoted-printable DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1635419402; bh=VGV4hz5mwSDRPZQHQj133rJgD3TBMXjmKKaPcbmOGtU=; h=Cc:Content-Type:Date:From:Reply-To:Subject:To; b=nmVIjggguyiUR5oirwMLwHPUsqSIr0diCyg4KFGce2M1UlhqlQOZWTY9WZNPNNsCwzO jyTUF7KNnHTKqv7KkSJ9CEUsGrDdF9aNEBGD0zw2uL6H3BJtOL2mLVodOj8S4wmMYweRx 8JIwzlZWWjQ8EnetKcN3VNrqzVKUpm6bf50= X-ZohoMail-DKIM: pass (identity @groups.io) X-ZM-MESSAGEID: 1635419403982100001 Content-Type: text/plain; charset="utf-8" Rename TPM_ENABLE to TPM2_ENABLE so naming is in line with the ArmVirtPkg config option name. Add separate TPM1_ENABLE option for TPM 1.2 support. Signed-off-by: Gerd Hoffmann Tested-by: Stefan Berger Reviewed-by: Philippe Mathieu-Daude --- OvmfPkg/OvmfTpmComponentsDxe.dsc.inc | 4 +++- OvmfPkg/OvmfTpmComponentsPei.dsc.inc | 6 +++++- OvmfPkg/OvmfTpmDefines.dsc.inc | 5 ++++- OvmfPkg/OvmfTpmLibs.dsc.inc | 4 +++- OvmfPkg/OvmfTpmLibsDxe.dsc.inc | 4 +++- OvmfPkg/OvmfTpmLibsPeim.dsc.inc | 4 +++- OvmfPkg/OvmfTpmPcds.dsc.inc | 2 +- OvmfPkg/OvmfTpmPcdsHii.dsc.inc | 2 +- OvmfPkg/OvmfTpmSecurityStub.dsc.inc | 4 +++- OvmfPkg/OvmfTpmDxe.fdf.inc | 4 +++- OvmfPkg/OvmfTpmPei.fdf.inc | 6 +++++- OvmfPkg/PlatformCI/.azurepipelines/Ubuntu-GCC5.yml | 6 +++--- OvmfPkg/PlatformCI/.azurepipelines/Windows-VS2019.yml | 6 +++--- OvmfPkg/PlatformCI/ReadMe.md | 2 +- 14 files changed, 41 insertions(+), 18 deletions(-) diff --git a/OvmfPkg/OvmfTpmComponentsDxe.dsc.inc b/OvmfPkg/OvmfTpmComponen= tsDxe.dsc.inc index e025d85a5878..75ae09571e8c 100644 --- a/OvmfPkg/OvmfTpmComponentsDxe.dsc.inc +++ b/OvmfPkg/OvmfTpmComponentsDxe.dsc.inc @@ -2,7 +2,7 @@ # SPDX-License-Identifier: BSD-2-Clause-Patent ## =20 -!if $(TPM_ENABLE) =3D=3D TRUE +!if $(TPM2_ENABLE) =3D=3D TRUE SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.inf { Tpm2DeviceLib|SecurityPkg/Library/Tpm2DeviceLibRouter/Tpm2DeviceLibR= outerDxe.inf @@ -15,10 +15,12 @@ NULL|SecurityPkg/Library/HashInstanceLibSm3/HashInstanceLibSm3.inf } SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigDxe.inf +!if $(TPM1_ENABLE) =3D=3D TRUE SecurityPkg/Tcg/TcgDxe/TcgDxe.inf { Tpm12DeviceLib|SecurityPkg/Library/Tpm12DeviceLibDTpm/Tpm12DeviceLib= DTpm.inf } +!endif SecurityPkg/Tcg/Tcg2PlatformDxe/Tcg2PlatformDxe.inf { TpmPlatformHierarchyLib|SecurityPkg/Library/PeiDxeTpmPlatformHierarc= hyLib/PeiDxeTpmPlatformHierarchyLib.inf diff --git a/OvmfPkg/OvmfTpmComponentsPei.dsc.inc b/OvmfPkg/OvmfTpmComponen= tsPei.dsc.inc index 87d491da5047..fa486eed82d2 100644 --- a/OvmfPkg/OvmfTpmComponentsPei.dsc.inc +++ b/OvmfPkg/OvmfTpmComponentsPei.dsc.inc @@ -2,10 +2,14 @@ # SPDX-License-Identifier: BSD-2-Clause-Patent ## =20 -!if $(TPM_ENABLE) =3D=3D TRUE +!if $(TPM2_ENABLE) =3D=3D TRUE OvmfPkg/Tcg/TpmMmioSevDecryptPei/TpmMmioSevDecryptPei.inf +!if $(TPM1_ENABLE) =3D=3D TRUE OvmfPkg/Tcg/Tcg2Config/Tcg12ConfigPei.inf SecurityPkg/Tcg/TcgPei/TcgPei.inf +!else + OvmfPkg/Tcg/Tcg2Config/Tcg2ConfigPei.inf +!endif SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.inf { HashLib|SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCrypt= oRouterPei.inf diff --git a/OvmfPkg/OvmfTpmDefines.dsc.inc b/OvmfPkg/OvmfTpmDefines.dsc.inc index 5df4a331fb99..a65564d8d9d2 100644 --- a/OvmfPkg/OvmfTpmDefines.dsc.inc +++ b/OvmfPkg/OvmfTpmDefines.dsc.inc @@ -2,4 +2,7 @@ # SPDX-License-Identifier: BSD-2-Clause-Patent ## =20 - DEFINE TPM_ENABLE =3D FALSE + DEFINE TPM2_ENABLE =3D FALSE + + # has no effect unless TPM2_ENABLE =3D=3D TRUE + DEFINE TPM1_ENABLE =3D TRUE diff --git a/OvmfPkg/OvmfTpmLibs.dsc.inc b/OvmfPkg/OvmfTpmLibs.dsc.inc index 50100f2c0371..418747b13487 100644 --- a/OvmfPkg/OvmfTpmLibs.dsc.inc +++ b/OvmfPkg/OvmfTpmLibs.dsc.inc @@ -2,8 +2,10 @@ # SPDX-License-Identifier: BSD-2-Clause-Patent ## =20 -!if $(TPM_ENABLE) =3D=3D TRUE +!if $(TPM2_ENABLE) =3D=3D TRUE +!if $(TPM1_ENABLE) =3D=3D TRUE Tpm12CommandLib|SecurityPkg/Library/Tpm12CommandLib/Tpm12CommandLib.inf +!endif Tpm2CommandLib|SecurityPkg/Library/Tpm2CommandLib/Tpm2CommandLib.inf Tcg2PhysicalPresenceLib|OvmfPkg/Library/Tcg2PhysicalPresenceLibQemu/DxeT= cg2PhysicalPresenceLib.inf Tcg2PpVendorLib|SecurityPkg/Library/Tcg2PpVendorLibNull/Tcg2PpVendorLibN= ull.inf diff --git a/OvmfPkg/OvmfTpmLibsDxe.dsc.inc b/OvmfPkg/OvmfTpmLibsDxe.dsc.inc index 67d5027abaea..1d66cdac778c 100644 --- a/OvmfPkg/OvmfTpmLibsDxe.dsc.inc +++ b/OvmfPkg/OvmfTpmLibsDxe.dsc.inc @@ -2,7 +2,9 @@ # SPDX-License-Identifier: BSD-2-Clause-Patent ## =20 -!if $(TPM_ENABLE) =3D=3D TRUE +!if $(TPM2_ENABLE) =3D=3D TRUE +!if $(TPM1_ENABLE) =3D=3D TRUE Tpm12DeviceLib|SecurityPkg/Library/Tpm12DeviceLibTcg/Tpm12DeviceLibTcg.i= nf +!endif Tpm2DeviceLib|SecurityPkg/Library/Tpm2DeviceLibTcg2/Tpm2DeviceLibTcg2.inf !endif diff --git a/OvmfPkg/OvmfTpmLibsPeim.dsc.inc b/OvmfPkg/OvmfTpmLibsPeim.dsc.= inc index 4e84e3dcaaeb..03caccd7c688 100644 --- a/OvmfPkg/OvmfTpmLibsPeim.dsc.inc +++ b/OvmfPkg/OvmfTpmLibsPeim.dsc.inc @@ -2,8 +2,10 @@ # SPDX-License-Identifier: BSD-2-Clause-Patent ## =20 -!if $(TPM_ENABLE) =3D=3D TRUE +!if $(TPM2_ENABLE) =3D=3D TRUE BaseCryptLib|CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf +!if $(TPM1_ENABLE) =3D=3D TRUE Tpm12DeviceLib|SecurityPkg/Library/Tpm12DeviceLibDTpm/Tpm12DeviceLibDTpm= .inf +!endif Tpm2DeviceLib|SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2DeviceLibDTpm.inf !endif diff --git a/OvmfPkg/OvmfTpmPcds.dsc.inc b/OvmfPkg/OvmfTpmPcds.dsc.inc index 0e7f83c04bd7..0d55d6273702 100644 --- a/OvmfPkg/OvmfTpmPcds.dsc.inc +++ b/OvmfPkg/OvmfTpmPcds.dsc.inc @@ -2,6 +2,6 @@ # SPDX-License-Identifier: BSD-2-Clause-Patent ## =20 -!if $(TPM_ENABLE) =3D=3D TRUE +!if $(TPM2_ENABLE) =3D=3D TRUE gEfiSecurityPkgTokenSpaceGuid.PcdTpmInstanceGuid|{0x00, 0x00, 0x00, 0x00= , 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00} !endif diff --git a/OvmfPkg/OvmfTpmPcdsHii.dsc.inc b/OvmfPkg/OvmfTpmPcdsHii.dsc.inc index 2e02a5b4cb90..e84225323519 100644 --- a/OvmfPkg/OvmfTpmPcdsHii.dsc.inc +++ b/OvmfPkg/OvmfTpmPcdsHii.dsc.inc @@ -2,7 +2,7 @@ # SPDX-License-Identifier: BSD-2-Clause-Patent ## =20 -!if $(TPM_ENABLE) =3D=3D TRUE +!if $(TPM2_ENABLE) =3D=3D TRUE gEfiSecurityPkgTokenSpaceGuid.PcdTcgPhysicalPresenceInterfaceVer|L"TCG2_= VERSION"|gTcg2ConfigFormSetGuid|0x0|"1.3"|NV,BS gEfiSecurityPkgTokenSpaceGuid.PcdTpm2AcpiTableRev|L"TCG2_VERSION"|gTcg2C= onfigFormSetGuid|0x8|3|NV,BS !endif diff --git a/OvmfPkg/OvmfTpmSecurityStub.dsc.inc b/OvmfPkg/OvmfTpmSecurityS= tub.dsc.inc index 4bd4066843ef..e9ab2fca7bc7 100644 --- a/OvmfPkg/OvmfTpmSecurityStub.dsc.inc +++ b/OvmfPkg/OvmfTpmSecurityStub.dsc.inc @@ -2,7 +2,9 @@ # SPDX-License-Identifier: BSD-2-Clause-Patent ## =20 -!if $(TPM_ENABLE) =3D=3D TRUE +!if $(TPM2_ENABLE) =3D=3D TRUE +!if $(TPM1_ENABLE) =3D=3D TRUE NULL|SecurityPkg/Library/DxeTpmMeasureBootLib/DxeTpmMeasureBootLib.i= nf +!endif NULL|SecurityPkg/Library/DxeTpm2MeasureBootLib/DxeTpm2MeasureBootLib= .inf !endif diff --git a/OvmfPkg/OvmfTpmDxe.fdf.inc b/OvmfPkg/OvmfTpmDxe.fdf.inc index 32eef246387a..7fc2bf8590a4 100644 --- a/OvmfPkg/OvmfTpmDxe.fdf.inc +++ b/OvmfPkg/OvmfTpmDxe.fdf.inc @@ -2,8 +2,10 @@ # SPDX-License-Identifier: BSD-2-Clause-Patent ## =20 -!if $(TPM_ENABLE) =3D=3D TRUE +!if $(TPM2_ENABLE) =3D=3D TRUE +!if $(TPM1_ENABLE) =3D=3D TRUE INF SecurityPkg/Tcg/TcgDxe/TcgDxe.inf +!endif INF SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.inf INF SecurityPkg/Tcg/Tcg2PlatformDxe/Tcg2PlatformDxe.inf INF SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigDxe.inf diff --git a/OvmfPkg/OvmfTpmPei.fdf.inc b/OvmfPkg/OvmfTpmPei.fdf.inc index 709a608cc3bd..9f8b9bdd5bed 100644 --- a/OvmfPkg/OvmfTpmPei.fdf.inc +++ b/OvmfPkg/OvmfTpmPei.fdf.inc @@ -2,10 +2,14 @@ # SPDX-License-Identifier: BSD-2-Clause-Patent ## =20 -!if $(TPM_ENABLE) =3D=3D TRUE +!if $(TPM2_ENABLE) =3D=3D TRUE INF OvmfPkg/Tcg/TpmMmioSevDecryptPei/TpmMmioSevDecryptPei.inf +!if $(TPM1_ENABLE) =3D=3D TRUE INF OvmfPkg/Tcg/Tcg2Config/Tcg12ConfigPei.inf INF SecurityPkg/Tcg/TcgPei/TcgPei.inf +!else +INF OvmfPkg/Tcg/Tcg2Config/Tcg2ConfigPei.inf +!endif INF SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.inf INF SecurityPkg/Tcg/Tcg2PlatformPei/Tcg2PlatformPei.inf !endif diff --git a/OvmfPkg/PlatformCI/.azurepipelines/Ubuntu-GCC5.yml b/OvmfPkg/P= latformCI/.azurepipelines/Ubuntu-GCC5.yml index 1774423580b9..8df31298f551 100644 --- a/OvmfPkg/PlatformCI/.azurepipelines/Ubuntu-GCC5.yml +++ b/OvmfPkg/PlatformCI/.azurepipelines/Ubuntu-GCC5.yml @@ -95,21 +95,21 @@ jobs: OVMF_IA32X64_FULL_DEBUG: Build.File: "$(package)/PlatformCI/PlatformBuild.py" Build.Arch: "IA32,X64" - Build.Flags: "BLD_*_SECURE_BOOT_ENABLE=3D1 BLD_*_SMM_REQUIRE= =3D1 BLD_*_TPM_ENABLE=3D1 BLD_*_NETWORK_TLS_ENABLE=3D1 BLD_*_NETWORK_IP6_EN= ABLE=3D1 BLD_*_NETWORK_HTTP_BOOT_ENABLE=3D1" + Build.Flags: "BLD_*_SECURE_BOOT_ENABLE=3D1 BLD_*_SMM_REQUIRE= =3D1 BLD_*_TPM2_ENABLE=3D1 BLD_*_NETWORK_TLS_ENABLE=3D1 BLD_*_NETWORK_IP6_E= NABLE=3D1 BLD_*_NETWORK_HTTP_BOOT_ENABLE=3D1" Build.Target: "DEBUG" Run.Flags: $(run_flags) Run: $(should_run) OVMF_IA32X64_FULL_RELEASE: Build.File: "$(package)/PlatformCI/PlatformBuild.py" Build.Arch: "IA32,X64" - Build.Flags: "BLD_*_SECURE_BOOT_ENABLE=3D1 BLD_*_SMM_REQUIRE= =3D1 BLD_*_TPM_ENABLE=3D1 BLD_*_NETWORK_TLS_ENABLE=3D1 BLD_*_NETWORK_IP6_EN= ABLE=3D1 BLD_*_NETWORK_HTTP_BOOT_ENABLE=3D1" + Build.Flags: "BLD_*_SECURE_BOOT_ENABLE=3D1 BLD_*_SMM_REQUIRE= =3D1 BLD_*_TPM2_ENABLE=3D1 BLD_*_NETWORK_TLS_ENABLE=3D1 BLD_*_NETWORK_IP6_E= NABLE=3D1 BLD_*_NETWORK_HTTP_BOOT_ENABLE=3D1" Build.Target: "RELEASE" Run.Flags: $(run_flags) Run: $(should_run) OVMF_IA32X64_FULL_NOOPT: Build.File: "$(package)/PlatformCI/PlatformBuild.py" Build.Arch: "IA32,X64" - Build.Flags: "BLD_*_SECURE_BOOT_ENABLE=3D1 BLD_*_SMM_REQUIRE= =3D1 BLD_*_TPM_ENABLE=3D1 BLD_*_NETWORK_TLS_ENABLE=3D1 BLD_*_NETWORK_IP6_EN= ABLE=3D1 BLD_*_NETWORK_HTTP_BOOT_ENABLE=3D1" + Build.Flags: "BLD_*_SECURE_BOOT_ENABLE=3D1 BLD_*_SMM_REQUIRE= =3D1 BLD_*_TPM2_ENABLE=3D1 BLD_*_NETWORK_TLS_ENABLE=3D1 BLD_*_NETWORK_IP6_E= NABLE=3D1 BLD_*_NETWORK_HTTP_BOOT_ENABLE=3D1" Build.Target: "NOOPT" Run.Flags: $(run_flags) Run: $(should_run) diff --git a/OvmfPkg/PlatformCI/.azurepipelines/Windows-VS2019.yml b/OvmfPk= g/PlatformCI/.azurepipelines/Windows-VS2019.yml index 09f9851312a2..68b5d951e908 100644 --- a/OvmfPkg/PlatformCI/.azurepipelines/Windows-VS2019.yml +++ b/OvmfPkg/PlatformCI/.azurepipelines/Windows-VS2019.yml @@ -94,14 +94,14 @@ jobs: OVMF_IA32X64_FULL_DEBUG: Build.File: "$(package)/PlatformCI/PlatformBuild.py" Build.Arch: "IA32,X64" - Build.Flags: "BLD_*_SECURE_BOOT_ENABLE=3D1 BLD_*_SMM_REQUIRE= =3D1 BLD_*_TPM_ENABLE=3D1 BLD_*_NETWORK_TLS_ENABLE=3D1 BLD_*_NETWORK_IP6_EN= ABLE=3D1 BLD_*_NETWORK_HTTP_BOOT_ENABLE=3D1" + Build.Flags: "BLD_*_SECURE_BOOT_ENABLE=3D1 BLD_*_SMM_REQUIRE= =3D1 BLD_*_TPM2_ENABLE=3D1 BLD_*_NETWORK_TLS_ENABLE=3D1 BLD_*_NETWORK_IP6_E= NABLE=3D1 BLD_*_NETWORK_HTTP_BOOT_ENABLE=3D1" Build.Target: "DEBUG" Run.Flags: $(run_flags) Run: $(should_run) OVMF_IA32X64_FULL_RELEASE: Build.File: "$(package)/PlatformCI/PlatformBuild.py" Build.Arch: "IA32,X64" - Build.Flags: "BLD_*_SECURE_BOOT_ENABLE=3D1 BLD_*_SMM_REQUIRE= =3D1 BLD_*_TPM_ENABLE=3D1 BLD_*_NETWORK_TLS_ENABLE=3D1 BLD_*_NETWORK_IP6_EN= ABLE=3D1 BLD_*_NETWORK_HTTP_BOOT_ENABLE=3D1" + Build.Flags: "BLD_*_SECURE_BOOT_ENABLE=3D1 BLD_*_SMM_REQUIRE= =3D1 BLD_*_TPM2_ENABLE=3D1 BLD_*_NETWORK_TLS_ENABLE=3D1 BLD_*_NETWORK_IP6_E= NABLE=3D1 BLD_*_NETWORK_HTTP_BOOT_ENABLE=3D1" Build.Target: "RELEASE" Run.Flags: $(run_flags) Run: $(should_run) @@ -112,7 +112,7 @@ jobs: # OVMF_IA32X64_FULL_NOOPT: # Build.File: "$(package)/PlatformCI/PlatformBuild.py" # Build.Arch: "IA32,X64" - # Build.Flags: "BLD_*_SECURE_BOOT_ENABLE=3D1 BLD_*_SMM_REQUIRE= =3D1 BLD_*_TPM_ENABLE=3D1 BLD_*_NETWORK_TLS_ENABLE=3D1 BLD_*_NETWORK_IP6_EN= ABLE=3D1 BLD_*_NETWORK_HTTP_BOOT_ENABLE=3D1" + # Build.Flags: "BLD_*_SECURE_BOOT_ENABLE=3D1 BLD_*_SMM_REQUIRE= =3D1 BLD_*_TPM2_ENABLE=3D1 BLD_*_NETWORK_TLS_ENABLE=3D1 BLD_*_NETWORK_IP6_= ENABLE=3D1 BLD_*_NETWORK_HTTP_BOOT_ENABLE=3D1" # Build.Target: "NOOPT" # Run.Flags: $(run_flags) # Run: $(should_run) diff --git a/OvmfPkg/PlatformCI/ReadMe.md b/OvmfPkg/PlatformCI/ReadMe.md index 44aa7c4a9db2..1216dee126f1 100644 --- a/OvmfPkg/PlatformCI/ReadMe.md +++ b/OvmfPkg/PlatformCI/ReadMe.md @@ -14,7 +14,7 @@ supported and are described below. | IA32 | IA32 | OvmfPkgIa32.dsc | Non= e | | X64 | X64 | OvmfPkgIa64.dsc | Non= e | | IA32 X64 | PEI-IA32 DXE-X64 | OvmfPkgIa32X64.dsc | Non= e | -| IA32 X64 Full | PEI-IA32 DXE-X64 | OvmfPkgIa32X64.dsc | SEC= URE_BOOT_ENABLE=3D1 SMM_REQUIRE=3D1 TPM_ENABLE=3D1 NETWORK_TLS_ENABLE=3D1 N= ETWORK_IP6_ENABLE=3D1 NETWORK_HTTP_BOOT_ENABLE=3D1 | +| IA32 X64 Full | PEI-IA32 DXE-X64 | OvmfPkgIa32X64.dsc | SEC= URE_BOOT_ENABLE=3D1 SMM_REQUIRE=3D1 TPM1_ENABLE=3D1 TPM2_ENABLE=3D1 NETWORK= _TLS_ENABLE=3D1 NETWORK_IP6_ENABLE=3D1 NETWORK_HTTP_BOOT_ENABLE=3D1 | =20 ## EDK2 Developer environment =20 --=20 2.31.1 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#82805): https://edk2.groups.io/g/devel/message/82805 Mute This Topic: https://groups.io/mt/86649611/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-